Open alexfouche opened 7 months ago
@alexfouche yes, it is CA for both clusters. We need to document it properly.
Should I close the issue, Or let it open for documentation?
Let's keep it open. We have the following JIRA issues to capture it in the docs: https://jira.percona.com/browse/K8SPG-468 https://jira.percona.com/browse/K8SPG-465
Thank you.
About the context:
In a single namespace named
postgres
, i have twoPerconaPGCluster
CR which created two different Postgres databases namedarchive
andanalytics
I did not specify any certificates in the CR, so that Postgres Operator generates them automatically
My Postgres Operator runs cluster wide in a namespace named
postgres-operator
Observations:
All secrets created by the Operator in namespace
postgres
are prefixed with each cluster name. But there is a secretpgo-root-cacert
which is not prefixed, and which contains two Owner references (might have been added by Kapp deployer)I am not sure if this is a problem, or if that means that both Postgres clusters share the same certificates, or if that simply means that cluster certificates are different but simply signed by the same CA