To update the cert in ingress-gce controller, we first create a new cert with a different name, then update the target proxy to point to the new cert and then delete the old cert.
In kubemci, we just delete the old cert and then recreate it with the same name but new value.
This is simpler, but can lead to downtime in the brief period when we have deleted the old cert but havent created the new one.
We need to converge this with ingress-gce by sharing the same code.
To update the cert in ingress-gce controller, we first create a new cert with a different name, then update the target proxy to point to the new cert and then delete the old cert. In kubemci, we just delete the old cert and then recreate it with the same name but new value. This is simpler, but can lead to downtime in the brief period when we have deleted the old cert but havent created the new one.
We need to converge this with ingress-gce by sharing the same code.
cc @G-Harmon @bowei