Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release-1.27] - Add client-supervior.crt and client-supervior.key to the rotation list #9916

Closed
brandond opened this issue Apr 10, 2024 · 1 comment
Closed

[Release-1.27] - Add client-supervior.crt and client-supervior.key to the rotation list #9916

brandond opened this issue Apr 10, 2024 · 1 comment
Assignees
@brandond @ShylajaDevadiga
Milestone
v1.27.13+k3s1

Comments

@brandond
Copy link
Member

Backport fix for Add client-supervior.crt and client-supervior.key to the rotation list
@brandond brandond self-assigned this Apr 10, 2024
@brandond brandond mentioned this issue Apr 10, 2024
Merged
@caroline-suse-rancher caroline-suse-rancher added this to the v1.27.13+k3s1 milestone Apr 11, 2024
@caroline-suse-rancher caroline-suse-rancher moved this from New to Peer Review in K3s Development Apr 11, 2024
@brandond brandond moved this from Peer Review to To Test in K3s Development Apr 11, 2024
@ShylajaDevadiga
Copy link
Contributor

Validated using latest commit id 2d48b19 on release-1.27 branch

Environment Details
Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:

cat /etc/os-release
NAME="SLES"
VERSION="15-SP5"
VERSION_ID="15.5"
PRETTY_NAME="SUSE Linux Enterprise Server 15 SP5"

Cluster Configuration:
Single node

Config.yaml:

cat /etc/rancher/k3s/config,yaml
write-kubeconfig-mode: "0644"
cluster-init: true
secrets-encryption: true

**Steps to reproduce the issue and validate**
  1. Install rke2
  2. Run rke2 certificate rotate
  3. Restart rke2 service
  4. Check certs rotated

**Replication results: **

> sudo diff -sr /var/lib/rancher/k3s/server/tls/ /var/lib/rancher/k3s/server/tls-1712959418/| grep -i identical |grep supervisor
Files /var/lib/rancher/k3s/server/tls/client-supervisor.crt and /var/lib/rancher/k3s/server/tls-1712959418/client-supervisor.crt are identical
Files /var/lib/rancher/k3s/server/tls/client-supervisor.key and /var/lib/rancher/k3s/server/tls-1712959418/client-supervisor.key are identical
ec2-user@ip-172-31-6-177:~>

** Validattion results: **

ec2-user@ip-172-31-6-177:~> sudo diff -sr /var/lib/rancher/k3s/server/tls/ /var/lib/rancher/k3s/server/tls-1712958657/| grep -i identical |grep supervisor
ec2-user@ip-172-31-6-177:~>

@github-project-automation github-project-automation bot moved this from To Test to Done Issue in K3s Development Apr 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@brandond brandond

@ShylajaDevadiga ShylajaDevadiga

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.27.13+k3s1
Development

No branches or pull requests
3 participants
@brandond @ShylajaDevadiga @caroline-suse-rancher