search

Azure / aksArc

# Welcome to the Azure Kubernetes Service enabled by Azure Arc (AKS Arc) repo This is where the AKS Arc team will track features and issues with AKS Arc. We will monitor this repo in order to engage with our community and discuss questions, customer scenarios, or feature requests. Checkout our projects tab to see the roadmap for AKS Arc!
MIT License
111 stars 45 forks source link

Allow users to schedule certificate updates (or set expiration date when running Update-AksHciCertificates) #232

Open eponerine opened 2 years ago

eponerine commented 2 years ago

After May 2022 release, users have 90 days to either upgrade their deployment or update their certificates with Update-AksHciCertificates

This is a drag to have to manually do, especially in environments where stability is paramount (not everyone wants to run the most bleeding edge version of Kubernetes). And from a Customer Support POV, I imagine a decent chunk of tickets come in with users having this issue?

If there is no plan to auto-rotate certs internally, then can we have a way to schedule the Update-AksHciCertificates command using Scheduled Tasks (or clustered scheduled tasks)?

Alternatively, can we have a flag on Update-AksHciCertificates to specify an expiration longer than 90 days?

azpoul commented 1 year ago

We would really appreciate this feature! We are not even in production yet, but it's still a hassle to maintain this.

eponerine commented 1 year ago

Hey @PragyaDw - I see this was maybe gonna make the Jan/Feb release? Is there any update on it?

PragyaDw commented 1 year ago

Hey @eponerine we shipped the auto rotate cert feature in Feb release: https://github.com/Azure/aks-hybrid/issues/292 Adding @baziwane for more clarity