If you want to see App Mesh implement this idea, please upvote with a :+1:.
Tell us about your request
In EKS, certificates are stored in secrets which are mounted to a container's filesystem. If the contents of the secret changes (e.g., automatic certificate renewal), Kubernetes automatically updates the data mounted within the container's filesystem.
AppMesh/Envoy should detect this change and automatically reload the certificates in the running container, otherwise the system will become inoperable once the existing certificates expire.
Which integration(s) is this request for?
EKS / Kubernetes
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Currently, we need to manually detect cert/secret updates and take some action within the cluster, such as manually restarting the pods on which the certs were mounted.
Are you currently working around this issue?
We are currently managing this manually; however, we are considering some in-house automation to detect these changes and trigger pod restarts. This seems like work we shouldn't have to do.
Additional context
N/A
Attachments
If you think you might have additional information that you'd like to include via an attachment, please do - we'll take a look. (Remember to remove any personally-identifiable information.)
If you want to see App Mesh implement this idea, please upvote with a :+1:.
Tell us about your request In EKS, certificates are stored in secrets which are mounted to a container's filesystem. If the contents of the secret changes (e.g., automatic certificate renewal), Kubernetes automatically updates the data mounted within the container's filesystem.
AppMesh/Envoy should detect this change and automatically reload the certificates in the running container, otherwise the system will become inoperable once the existing certificates expire.
Which integration(s) is this request for? EKS / Kubernetes
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? Currently, we need to manually detect cert/secret updates and take some action within the cluster, such as manually restarting the pods on which the certs were mounted.
Are you currently working around this issue? We are currently managing this manually; however, we are considering some in-house automation to detect these changes and trigger pod restarts. This seems like work we shouldn't have to do.
Additional context N/A
Attachments If you think you might have additional information that you'd like to include via an attachment, please do - we'll take a look. (Remember to remove any personally-identifiable information.)