Open sbernauer opened 9 months ago
HBase operator tests
Test case kerberos_hbase-2.4.12_hdfs-3.3.6_zookeeper-latest-3.8.3_listener-class-cluster-internal_kerberos-realm-CLUSTER.LOCAL_kerberos-backend-mit
hbase-operator commit 543f7395955763e4bc6c6c77be2f98bd3ab32611, 2024-02-01 docker-images commit c75007e0a63ea0bb5277b88e8cb6d4648028f8f2, 2024-02-05
We found out that CA rotation was not the culprit after all. It turns out that a recent PR to add Kerberos support caused the issue as it enabled TLS for the Web UIs at the same time. Unfortunately, the tests were only running against 2.4.17 and not 2.4.12 otherwise it would have failed already at that time.
This ticket can stay open but it is less severe now.
Since https://github.com/stackabletech/secret-operator/pull/350 secret-op can add multiple CAs to the created PEM and pkcs12 truststores. Some products (in some versions) have problems with this, as we noticed in HBase 2.4.12 (see error message below)
We need to check every product to see if it supports multiple certificates: