lubronzhan
commented
2 months ago Hi @dougbtv thanks for taking a look, question about proper way to rotate the kubeconfig, is it just restarting the whereabouts the pod?
Thanks
Open lubronzhan opened 2 months ago
lubronzhan
commented
2 months ago Hi @dougbtv thanks for taking a look, question about proper way to rotate the kubeconfig, is it just restarting the whereabouts the pod?
Thanks
Is your feature request related to a problem? Please describe. The token in /etc/cni/net.d/whereabouts.d/whereabouts.kubeconfig is about to expire in 1 month, but nothing will rotate it. This token is used by multus.
For now, what's the proper way to rotate the certificate? Delete the whereabouts pod so that it triggers install-cni.sh again? Describe the solution you'd like Whereabout should be able to rotate the token and certificate inside kubeoconfig.
Or do what multus did, using thick deployment, that listening through a socket so that multus could call it through that socket https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/thick-plugin.md Describe alternatives you've considered
Additional context Add any other context or screenshots about the feature request here.