search

openstack-k8s-operators / openstack-operator

Meta Operator for OpenStack
https://openstack-k8s-operators.github.io/openstack-operator/
Apache License 2.0
27 stars 76 forks source link

[dataplane] Use short hostname for CommonName in node cert #938

Closed olliewalsh closed 2 months ago

olliewalsh commented 2 months ago

CommonName is limited to 64bytes so not safe to use the fqdn.

QEMU/libvirt actaully expect CN to be the short hostname:

$ virt-pki-validate ... The server certificate does not seem to match the host name hostname: "edpm-compute-0" Server certificate CN: "edpm-compute-0.ctlplane.example.com"

Related: OSPRH-8652

olliewalsh commented 2 months ago

/hold

openshift-ci[bot] commented 2 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: olliewalsh, stuggi

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openstack-k8s-operators/openstack-operator/blob/main/OWNERS)~~ [olliewalsh,stuggi] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
olliewalsh commented 2 months ago

/remove-hold live block migration works in my env

vakwetu commented 2 months ago

/lgtm

olliewalsh commented 2 months ago

/cherry-pick 18.0.0-proposed

openshift-cherrypick-robot commented 2 months ago

@olliewalsh: once the present PR merges, I will cherry-pick it on top of 18.0.0-proposed in a new PR and assign it to you.

In response to [this](https://github.com/openstack-k8s-operators/openstack-operator/pull/938#issuecomment-2229487304): >/cherry-pick 18.0.0-proposed Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
olliewalsh commented 2 months ago

/test openstack-operator-build-deploy-kuttl

stuggi commented 2 months ago

/test openstack-operator-build-deploy-kuttl

openshift-cherrypick-robot commented 2 months ago

@olliewalsh: new pull request created: #941

In response to [this](https://github.com/openstack-k8s-operators/openstack-operator/pull/938#issuecomment-2229487304): >/cherry-pick 18.0.0-proposed Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.