Open lhotari opened 2 years ago
The reason we added here is because AR is the first pod coming up in the cluster. Private/public key pair need to be created ahead of bastion and other pods initialized. We have have a dedicated pod to initialize keys and JWTs.
+1. We should create a separate initialization job that runs when needed.
Currently JWT tokens are provisioned by an init container that is part of the autorecovery component.
https://github.com/datastax/pulsar-helm-chart/blob/16a5b8169b0bb7c48deb1c149aaf4e0a7f185f10/helm-chart-sources/pulsar/templates/autorecovery/autorecovery-deployment.yaml#L168-L189
This should be decoupled since provision-tls-jwt has nothing to do with Bookkeeper autorecovery.