I'm having a problem with the internal OpenShift certs as they are about to
expire on multiple clusters that I have.
I run the redeploy_certs playbook with the following options:
-e openshift_redeploy_openshift_ca=true -e
openshift_master_bootstrap_auto_approve=true
It redeploys all of the certs correctly except the ones inside the
/etc/origin/node/node.kubeconfig
Those are still being flagged as warning <365 days.
Here is the section of the report.
"kubeconfigs": [
{
"cert_cn": "O:system:masters, O:system:cluster-admins,
CN:system:admin",
"days_remaining": 273,
"expiry": "2021-03-01 22:15:50",
"health": "warning",
"path": "/etc/origin/node/node.kubeconfig",
"serial": 6,
"serial_hex": "0x6"
},
{
"cert_cn": "O:system:masters, O:system:cluster-admins,
CN:system:admin",
"days_remaining": 273,
"expiry": "2021-03-01 22:15:50",
"health": "warning",
"path": "/etc/origin/node/node.kubeconfig",
"serial": 6,
"serial_hex": "0x6"
},
Indeed the file has not been touched since OpenShift was installed over a year
ago.
What do I need to do to redeploy the certs in node.kubeconfig?
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
