github/k3s - k3s - https://git.xinac.net

Author SHA1 Message Date

Author	SHA1	Message	Date
Brad Davidson	37a26379d5	Add support for cross-signing new certs during ca rotation We need to send the full chain in order for cross-signing to work properly during switchover to a new root. Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-03-13 20:04:11 -07:00
Brad Davidson	14f2226b67	Allow for multiple sets of leader-elected controllers Addresses an issue where etcd controllers did not run on etcd-only nodes Signed-off-by: Brad Davidson <brad.davidson@rancher.com>	2023-02-10 11:35:29 -08:00
Brad Davidson	5eac6f977c	Add `certificate rotate-ca` to write updated CA certs to datastore This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files. Signed-off-by: Brad Davidson <brad.davidson@rancher.com> (cherry picked from commit `215fb157ff`)	2023-02-10 09:33:55 -08:00

Brad Davidson

Add support for cross-signing new certs during ca rotation

We need to send the full chain in order for cross-signing to work
properly during switchover to a new root.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

2023-03-13 20:04:11 -07:00

Brad Davidson

14f2226b67

Allow for multiple sets of leader-elected controllers

Addresses an issue where etcd controllers did not run on etcd-only nodes

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

2023-02-10 11:35:29 -08:00

Brad Davidson

5eac6f977c

Add `certificate rotate-ca` to write updated CA certs to datastore

This command must be run on a server while the service is running. After this command completes, all the servers in the cluster should be restarted to load the new CA files.

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
(cherry picked from commit 215fb157ff)

2023-02-10 09:33:55 -08:00

3 Commits (3b28ac0a1ff34a8a537a96bb733a4c3713fde9c7)