generated from kubernetes/kubernetes-template-project
-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
✨ [VC] Support Auto Reloading KUBECONFIGs from Secrets #128
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
Milestone
Comments
k8s-ci-robot
added
the
kind/feature
Categorizes issue or PR as related to a new feature.
label
Jun 15, 2021
christopherhein
changed the title
✨ Support Auto Reloading KUBECONFIGs from Secrets
✨ [VC] Support Auto Reloading KUBECONFIGs from Secrets
Jun 15, 2021
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
label
Sep 13, 2021
/remove-lifecycle stale |
k8s-ci-robot
added
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
and removed
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
labels
Sep 13, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
User Story
As a operator I would like the syncer to auto reload changes to
KUBECONFIG
secrets so that the syncer can stay up to date with PKI expiry w/o intervention.Detailed Description
In the next version of VC w/ CAPN/CAPI Support control planes are being provisioned out of cluster and linked via two annotations, along w/ the old path for
native
provisioning would load theKUBECONFIG
bytes once then never reload unless the syncer is restarted. This happens here - https://github.com/kubernetes-sigs/cluster-api-provider-nested/blob/main/virtualcluster/pkg/syncer/conversion/helper.go#L84-L99With the new CAPI/CAPN support this lifecycle should be automated so if CAPI expires the KUBECONFIG credentials (every 6months) that they syncer reloads the client.
Anything else you would like to add:
Hold until #81 is done.
/kind feature
/milestone v0.1.x
The text was updated successfully, but these errors were encountered: