Brief Description
-----------------
After kube root CA update complete, the old root CA certificate is not removed from controller-manager.conf
Severity
--------
Minor: System/Feature is usable with minor issue
Steps to Reproduce
------------------
Follow kube root CA update procedure to update root CA with a new certificate (can use system kube-rootca-update-generate-cert to generate the new CA certificate)
Once the update complete, check controller-manager.conf.
Expected Behavior
------------------
There is only one CA certificate in the "certificate-authority-data" field of controller-manager.conf, which is the new root CA certificate.
Actual Behavior
----------------
The old root CA certificate is also in the "certificate-authority-data" field of controller-manager.conf.
Reproducibility
---------------
100%
System Configuration
--------------------
Any
Branch/Pull Time/Commit
-----------------------
STX master
Last Pass
---------
Unknown
Timestamp/Logs
--------------
- After kube root CA update complete:
cat /etc/kubernetes/controller-manager.conf
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUU0VENDQXNtZ0F3SUJBZ0lEQUs2OE1BMEdDU3FHU0liM0RRRUJDd1VBTUJVeEV6QVJCZ05WQkFNTUNtdDEKWW1WeWJtVjBaWE13SGhjTk1qRXhNVEl4TVRZME5ETXlXaGNOTXpFeE1URTVNVFkwTkRNeVdqQVZNUk13RVFZRApWUVFEREFwcmRXSmxjbTVsZEdWek1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBCjRhZDF2ajVrbFZsNHV3VHFXTXJRMTZjT3lhaFR2bmVOY3k1aE82MUtMMVdYSE14MHByYnJTSngvRFlzcmZLdzQKQ1BZc1loRk5ZMENnWFpYOVczbXFqNW0yV0JuZEg5dFREWm5pN1NYYXgwV0FhY1hGMCtjbUtrMER4QnhyZEs5aQovdk5qUlFvZkJzdEtROWQzT0ZwdVFMZ2ZVZ1JnUWhUUC9TNFpyU2V2NGUvL3BreUlJSFpRbFFNZzdWamk3U2oyCk1VZHJ4V3dPWWo5L0Q2WFNVQUxmQWhlV0tLaGtqMXBzWEhlbWJHM2tYUUZidkJ5djRlNHMrV2lVMDlHRnBGY2cKK2ptMDdUZjF4ZjByelZGOFpUbWZuZzZXQ3cvUENNSk8yQllYc0tTWkhvMXI4eEh5aWhuSm15aWU5S1Zua0lnagpBMmlJU1BtQ2FJWmFOSDQyQ2JmOVR3RW02bU5xcUdLcDVzUlo1eUtGOFJEOHpKMkRoemNzYmlFaGh1RytTWG1jCmRZR2hIaDhqVkJjVlorZGhUVTlzSk11RmtuQXFTb1NKWTdtZElQbXJKRGJ3Mm1SMmlJQ3I5dTdsN3dLTWQ1VWMKSFA2SGVkRFFUa2V6NVRoaE5pYUNWS1BkOTVRM3FUMUtxd1pNZVpPNlRsMmNONUxZVlBkcTVPY1phdERsYUVhNgp0UjNWcndlTWF5RFNNaERZaUpiTDFPVUxjNWxENlptNG5ya2t2bG40aFN5MzlxUjYyMEV4dU1KZEFxQ0JXMEFkCm1nVC9hTGl0dktYdE9iWGNwQzVEYlpQdXQzclVRTkRsTWt2VmxmQjBxNVhZa3RXQjYxUFU3b1FLeHpCVi81NW0KSTNOSnMydCs3bTkyMEVOU3pQZlV2NHd6Zk16T1Y5RExZTTJlSW1EYTNZRUNBd0VBQWFNNk1EZ3dGUVlEVlIwUgpCQTR3RElJS2EzVmlaWEp1WlhSbGN6QUxCZ05WSFE4RUJBTUNBcVF3RWdZRFZSMFRBUUgvQkFnd0JnRUIvd0lCCkFUQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUF5a05sbk1WdjNTVGx6N0VmWDNJb00wSHhZMnd6cFhudS8vdm0KVjhCaWQvdXRWWnNueGhXcWx1bGRmZGJlRGRFbjhNTk5FQVlrMlRHNmpTVDlzWis2eG5QbnpDdFhpV3lFaVpIMgphM2JHUU1Fb1F2RmN5M0Y5VDlQanhpVUVWbVVUc0thZ2dDcjAzYlVjK2ZFTjhJMUFHU00yK3pKQ1Q3eXlOU1ZLCnlOT25NbEdCTXBPQlZXTFBPa2IxNjVWV1FHZXVMNm9hYTh1WEN0UzV1anQvZytGVm1vRjYxS0xjL205UTR4RWoKTDFOVWZldkpwM05kWmZPcmRWYTRzVVo3Ymp3MVk1MWd4RVVEL1pXNFQwOGxOOHRJNjRGRGsyZWpCaXVuNENlegpwMVN5aUFTN0huSDBDOUM0dlNJTDNCVHNsVHAra0dzVmhWSXFrVExCYlcrUHhjQW80R2NnVnJwVk52M0QzdFJECmtuczlFWENaNW5SUnRnMWN1My9RZ0RFeEMxR3M2dXhCMEJKVlRCZWlHdDlFQ2UxMW5WbEVuVEtkeS9GUmlQbHIKQmFoOThMUW5TdkgwVGtTekJRWDBDT0JmbUpEeE5MV2N4NWpxQ2ZLVkp4OFl0SXhFdmFHYTBvYTZhR3JaYUg4aQpWYWRQb0RSU09oVkhxdUdybjNVTllPYVBsMFlkdFB5L2FWaE1OWlAzbVNrZkdQOXV4M3RZN3EwZUo1YXdTT1U2Cm1PRHNqTjlPbHE3OW0rVnJQdGZBeVNIOFdoN3IxNzhITWV1YzFUclplRUZWellhY0IwWU9qeEh3cTlmR1Rja2wKa0NnRlVHS05zTGxESHpLbGxSTEcyRWRZbXZuRDZ5SHBuSnJHaG9oRVFCdjhRN2l1NHlBVmFQTGtMMFA1QUY1Mwo4aTJld1RRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlDMkRDQ0FjQ2dBd0lCQWdJUkFPd05YcElnY1c0ME9BRnF2bE55NHRVd0RRWUpLb1pJaHZjTkFRRUxCUUF3CkZURVRNQkVHQTFVRUF4TUthM1ZpWlhKdVpYUmxjekFlRncweU1URXlNRGd5TVRVeU5UTmFGdzB6TVRFeU1EWXkKTVRVeU5UTmFNQlV4RXpBUkJnTlZCQU1UQ210MVltVnlibVYwWlhNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQpBNElCRHdBd2dnRUtBb0lCQVFETFB5NldYRWRkTnE5NmRFcVVxUDE1TE9wQTg2Y25rOUduR2t2b1lPemhxMFhoClpxSlliL3E5OGlMR0VFTmlMV3d6b2tLVzhEbnFTRzRwNDYvOTliNUFxcHBKeGVzTDFLK3l3ODlEWjBWZGJ4OTgKR0h0elR0NDc1a3oyb09pYnE3SVUwcEltNDQxeDZEYmpHZlRNc0JIclhzRjVrekNqaU5ydER3NUVOOHZIa1NUWAp0SXRiSm8wNDRFY0ZVL2VTR2ZydGtWUTZ3V3BOVDMwdnlOZVJHbkY4RDc5a3lhVXdoWHNnNFRDOGllMXNZdEdQClQ0U0tLenJERkJTMDRPTWRWalZLMzhDTyt3Q1RMaDNLV2JHeEsrQUN5WmxNYmJYNTlNZGZBN1NEdThzTUh2eUEKTEpKdWwwajF4ZWtSWkpNNlBLUExPaVFpNXpmbkxJcmxiK3BDNUFpeEFnTUJBQUdqSXpBaE1BNEdBMVVkRHdFQgovd1FFQXdJQ3BEQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQU1ZWWlFCkNLZGIycTBaS3FaVU5HSFZXQk9MbS85TE9Hb3JNSzZuL2tlYi9LRnJ2Y2VJTlFxZmhiWU12NHB3OURDWXNrRlYKL2xNdTQrREk4Q2hlK1JTWGNJVkhCTkpqcHdTTXlHc2hLWDZmSU50OXovWXlVcjUxb0dUbE1zSzcrR2Z2TE9ZLwptZEloaDMwTGRlTmxEc2tSaEk1WlJoeTA5THlIL2Q4KzIrZU5lM3BvVlh0WldwL1hiMUZoMW91NWVGQzA2RDhVCnNXVExkN0psS3phZkRlRlFWRWRaMHVRSGVTZWFhM3BTdnFmQnl5Q3lyU3J6eWZLY1ZHaTYzU2psR1czL0hIT0kKK2NoSGxmcXB6K05INUNuSWhsMEU3OEtqbUVRZFhrVVZoaU5kazZodTNFaHpOcUYyR09kakkvT2gxUEVpUXBnRApaTCsveUc5aHc3RjMzZXpjCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
server: https://192.168.206.3:6443
name: kubernetes
- Decode the "certificate-authority-data":
echo "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUU0VENDQXNtZ0F3SUJBZ0lEQUs2OE1BMEdDU3FHU0liM0RRRUJDd1VBTUJVeEV6QVJCZ05WQkFNTUNtdDEKWW1WeWJtVjBaWE13SGhjTk1qRXhNVEl4TVRZME5ETXlXaGNOTXpFeE1URTVNVFkwTkRNeVdqQVZNUk13RVFZRApWUVFEREFwcmRXSmxjbTVsZEdWek1JSUNJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBZzhBTUlJQ0NnS0NBZ0VBCjRhZDF2ajVrbFZsNHV3VHFXTXJRMTZjT3lhaFR2bmVOY3k1aE82MUtMMVdYSE14MHByYnJTSngvRFlzcmZLdzQKQ1BZc1loRk5ZMENnWFpYOVczbXFqNW0yV0JuZEg5dFREWm5pN1NYYXgwV0FhY1hGMCtjbUtrMER4QnhyZEs5aQovdk5qUlFvZkJzdEtROWQzT0ZwdVFMZ2ZVZ1JnUWhUUC9TNFpyU2V2NGUvL3BreUlJSFpRbFFNZzdWamk3U2oyCk1VZHJ4V3dPWWo5L0Q2WFNVQUxmQWhlV0tLaGtqMXBzWEhlbWJHM2tYUUZidkJ5djRlNHMrV2lVMDlHRnBGY2cKK2ptMDdUZjF4ZjByelZGOFpUbWZuZzZXQ3cvUENNSk8yQllYc0tTWkhvMXI4eEh5aWhuSm15aWU5S1Zua0lnagpBMmlJU1BtQ2FJWmFOSDQyQ2JmOVR3RW02bU5xcUdLcDVzUlo1eUtGOFJEOHpKMkRoemNzYmlFaGh1RytTWG1jCmRZR2hIaDhqVkJjVlorZGhUVTlzSk11RmtuQXFTb1NKWTdtZElQbXJKRGJ3Mm1SMmlJQ3I5dTdsN3dLTWQ1VWMKSFA2SGVkRFFUa2V6NVRoaE5pYUNWS1BkOTVRM3FUMUtxd1pNZVpPNlRsMmNONUxZVlBkcTVPY1phdERsYUVhNgp0UjNWcndlTWF5RFNNaERZaUpiTDFPVUxjNWxENlptNG5ya2t2bG40aFN5MzlxUjYyMEV4dU1KZEFxQ0JXMEFkCm1nVC9hTGl0dktYdE9iWGNwQzVEYlpQdXQzclVRTkRsTWt2VmxmQjBxNVhZa3RXQjYxUFU3b1FLeHpCVi81NW0KSTNOSnMydCs3bTkyMEVOU3pQZlV2NHd6Zk16T1Y5RExZTTJlSW1EYTNZRUNBd0VBQWFNNk1EZ3dGUVlEVlIwUgpCQTR3RElJS2EzVmlaWEp1WlhSbGN6QUxCZ05WSFE4RUJBTUNBcVF3RWdZRFZSMFRBUUgvQkFnd0JnRUIvd0lCCkFUQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUF5a05sbk1WdjNTVGx6N0VmWDNJb00wSHhZMnd6cFhudS8vdm0KVjhCaWQvdXRWWnNueGhXcWx1bGRmZGJlRGRFbjhNTk5FQVlrMlRHNmpTVDlzWis2eG5QbnpDdFhpV3lFaVpIMgphM2JHUU1Fb1F2RmN5M0Y5VDlQanhpVUVWbVVUc0thZ2dDcjAzYlVjK2ZFTjhJMUFHU00yK3pKQ1Q3eXlOU1ZLCnlOT25NbEdCTXBPQlZXTFBPa2IxNjVWV1FHZXVMNm9hYTh1WEN0UzV1anQvZytGVm1vRjYxS0xjL205UTR4RWoKTDFOVWZldkpwM05kWmZPcmRWYTRzVVo3Ymp3MVk1MWd4RVVEL1pXNFQwOGxOOHRJNjRGRGsyZWpCaXVuNENlegpwMVN5aUFTN0huSDBDOUM0dlNJTDNCVHNsVHAra0dzVmhWSXFrVExCYlcrUHhjQW80R2NnVnJwVk52M0QzdFJECmtuczlFWENaNW5SUnRnMWN1My9RZ0RFeEMxR3M2dXhCMEJKVlRCZWlHdDlFQ2UxMW5WbEVuVEtkeS9GUmlQbHIKQmFoOThMUW5TdkgwVGtTekJRWDBDT0JmbUpEeE5MV2N4NWpxQ2ZLVkp4OFl0SXhFdmFHYTBvYTZhR3JaYUg4aQpWYWRQb0RSU09oVkhxdUdybjNVTllPYVBsMFlkdFB5L2FWaE1OWlAzbVNrZkdQOXV4M3RZN3EwZUo1YXdTT1U2Cm1PRHNqTjlPbHE3OW0rVnJQdGZBeVNIOFdoN3IxNzhITWV1YzFUclplRUZWellhY0IwWU9qeEh3cTlmR1Rja2wKa0NnRlVHS05zTGxESHpLbGxSTEcyRWRZbXZuRDZ5SHBuSnJHaG9oRVFCdjhRN2l1NHlBVmFQTGtMMFA1QUY1Mwo4aTJld1RRPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCi0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpNSUlDMkRDQ0FjQ2dBd0lCQWdJUkFPd05YcElnY1c0ME9BRnF2bE55NHRVd0RRWUpLb1pJaHZjTkFRRUxCUUF3CkZURVRNQkVHQTFVRUF4TUthM1ZpWlhKdVpYUmxjekFlRncweU1URXlNRGd5TVRVeU5UTmFGdzB6TVRFeU1EWXkKTVRVeU5UTmFNQlV4RXpBUkJnTlZCQU1UQ210MVltVnlibVYwWlhNd2dnRWlNQTBHQ1NxR1NJYjNEUUVCQVFVQQpBNElCRHdBd2dnRUtBb0lCQVFETFB5NldYRWRkTnE5NmRFcVVxUDE1TE9wQTg2Y25rOUduR2t2b1lPemhxMFhoClpxSlliL3E5OGlMR0VFTmlMV3d6b2tLVzhEbnFTRzRwNDYvOTliNUFxcHBKeGVzTDFLK3l3ODlEWjBWZGJ4OTgKR0h0elR0NDc1a3oyb09pYnE3SVUwcEltNDQxeDZEYmpHZlRNc0JIclhzRjVrekNqaU5ydER3NUVOOHZIa1NUWAp0SXRiSm8wNDRFY0ZVL2VTR2ZydGtWUTZ3V3BOVDMwdnlOZVJHbkY4RDc5a3lhVXdoWHNnNFRDOGllMXNZdEdQClQ0U0tLenJERkJTMDRPTWRWalZLMzhDTyt3Q1RMaDNLV2JHeEsrQUN5WmxNYmJYNTlNZGZBN1NEdThzTUh2eUEKTEpKdWwwajF4ZWtSWkpNNlBLUExPaVFpNXpmbkxJcmxiK3BDNUFpeEFnTUJBQUdqSXpBaE1BNEdBMVVkRHdFQgovd1FFQXdJQ3BEQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQU1ZWWlFCkNLZGIycTBaS3FaVU5HSFZXQk9MbS85TE9Hb3JNSzZuL2tlYi9LRnJ2Y2VJTlFxZmhiWU12NHB3OURDWXNrRlYKL2xNdTQrREk4Q2hlK1JTWGNJVkhCTkpqcHdTTXlHc2hLWDZmSU50OXovWXlVcjUxb0dUbE1zSzcrR2Z2TE9ZLwptZEloaDMwTGRlTmxEc2tSaEk1WlJoeTA5THlIL2Q4KzIrZU5lM3BvVlh0WldwL1hiMUZoMW91NWVGQzA2RDhVCnNXVExkN0psS3phZkRlRlFWRWRaMHVRSGVTZWFhM3BTdnFmQnl5Q3lyU3J6eWZLY1ZHaTYzU2psR1czL0hIT0kKK2NoSGxmcXB6K05INUNuSWhsMEU3OEtqbUVRZFhrVVZoaU5kazZodTNFaHpOcUYyR09kakkvT2gxUEVpUXBnRApaTCsveUc5aHc3RjMzZXpjCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" | base64 -d
-----BEGIN CERTIFICATE-----
MIIE4TCCAsmgAwIBAgIDAK68MA0GCSqGSIb3DQEBCwUAMBUxEzARBgNVBAMMCmt1
YmVybmV0ZXMwHhcNMjExMTIxMTY0NDMyWhcNMzExMTE5MTY0NDMyWjAVMRMwEQYD
VQQDDAprdWJlcm5ldGVzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
4ad1vj5klVl4uwTqWMrQ16cOyahTvneNcy5hO61KL1WXHMx0prbrSJx/DYsrfKw4
CPYsYhFNY0CgXZX9W3mqj5m2WBndH9tTDZni7SXax0WAacXF0+cmKk0DxBxrdK9i
/vNjRQofBstKQ9d3OFpuQLgfUgRgQhTP/S4ZrSev4e//pkyIIHZQlQMg7Vji7Sj2
MUdrxWwOYj9/D6XSUALfAheWKKhkj1psXHembG3kXQFbvByv4e4s+WiU09GFpFcg
+jm07Tf1xf0rzVF8ZTmfng6WCw/PCMJO2BYXsKSZHo1r8xHyihnJmyie9KVnkIgj
A2iISPmCaIZaNH42Cbf9TwEm6mNqqGKp5sRZ5yKF8RD8zJ2DhzcsbiEhhuG+SXmc
dYGhHh8jVBcVZ+dhTU9sJMuFknAqSoSJY7mdIPmrJDbw2mR2iICr9u7l7wKMd5Uc
HP6HedDQTkez5ThhNiaCVKPd95Q3qT1KqwZMeZO6Tl2cN5LYVPdq5OcZatDlaEa6
tR3VrweMayDSMhDYiJbL1OULc5lD6Zm4nrkkvln4hSy39qR620ExuMJdAqCBW0Ad
mgT/aLitvKXtObXcpC5DbZPut3rUQNDlMkvVlfB0q5XYktWB61PU7oQKxzBV/55m
I3NJs2t+7m920ENSzPfUv4wzfMzOV9DLYM2eImDa3YECAwEAAaM6MDgwFQYDVR0R
BA4wDIIKa3ViZXJuZXRlczALBgNVHQ8EBAMCAqQwEgYDVR0TAQH/BAgwBgEB/wIB
ATANBgkqhkiG9w0BAQsFAAOCAgEAykNlnMVv3STlz7EfX3IoM0HxY2wzpXnu//vm
V8Bid/utVZsnxhWqluldfdbeDdEn8MNNEAYk2TG6jST9sZ+6xnPnzCtXiWyEiZH2
a3bGQMEoQvFcy3F9T9PjxiUEVmUTsKaggCr03bUc+fEN8I1AGSM2+zJCT7yyNSVK
yNOnMlGBMpOBVWLPOkb165VWQGeuL6oaa8uXCtS5ujt/g+FVmoF61KLc/m9Q4xEj
L1NUfevJp3NdZfOrdVa4sUZ7bjw1Y51gxEUD/ZW4T08lN8tI64FDk2ejBiun4Cez
p1SyiAS7HnH0C9C4vSIL3BTslTp+kGsVhVIqkTLBbW+PxcAo4GcgVrpVNv3D3tRD
kns9EXCZ5nRRtg1cu3/QgDExC1Gs6uxB0BJVTBeiGt9ECe11nVlEnTKdy/FRiPlr
Bah98LQnSvH0TkSzBQX0COBfmJDxNLWcx5jqCfKVJx8YtIxEvaGa0oa6aGrZaH8i
VadPoDRSOhVHquGrn3UNYOaPl0YdtPy/aVhMNZP3mSkfGP9ux3tY7q0eJ5awSOU6
mODsjN9Olq79m+VrPtfAySH8Wh7r178HMeuc1TrZeEFVzYacB0YOjxHwq9fGTckl
kCgFUGKNsLlDHzKllRLG2EdYmvnD6yHpnJrGhohEQBv8Q7iu4yAVaPLkL0P5AF53
8i2ewTQ=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIC2DCCAcCgAwIBAgIRAOwNXpIgcW40OAFqvlNy4tUwDQYJKoZIhvcNAQELBQAw
FTETMBEGA1UEAxMKa3ViZXJuZXRlczAeFw0yMTEyMDgyMTUyNTNaFw0zMTEyMDYy
MTUyNTNaMBUxEzARBgNVBAMTCmt1YmVybmV0ZXMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLPy6WXEddNq96dEqUqP15LOpA86cnk9GnGkvoYOzhq0Xh
ZqJYb/q98iLGEENiLWwzokKW8DnqSG4p46/99b5AqppJxesL1K+yw89DZ0Vdbx98
GHtzTt475kz2oOibq7IU0pIm441x6DbjGfTMsBHrXsF5kzCjiNrtDw5EN8vHkSTX
tItbJo044EcFU/eSGfrtkVQ6wWpNT30vyNeRGnF8D79kyaUwhXsg4TC8ie1sYtGP
T4SKKzrDFBS04OMdVjVK38CO+wCTLh3KWbGxK+ACyZlMbbX59MdfA7SDu8sMHvyA
LJJul0j1xekRZJM6PKPLOiQi5zfnLIrlb+pC5AixAgMBAAGjIzAhMA4GA1UdDwEB
/wQEAwICpDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAMYYiE
CKdb2q0ZKqZUNGHVWBOLm/9LOGorMK6n/keb/KFrvceINQqfhbYMv4pw9DCYskFV
/lMu4+DI8Che+RSXcIVHBNJjpwSMyGshKX6fINt9z/YyUr51oGTlMsK7+GfvLOY/
mdIhh30LdeNlDskRhI5ZRhy09LyH/d8+2+eNe3poVXtZWp/Xb1Fh1ou5eFC06D8U
sWTLd7JlKzafDeFQVEdZ0uQHeSeaa3pSvqfByyCyrSrzyfKcVGi63SjlGW3/HHOI
+chHlfqpz+NH5CnIhl0E78KjmEQdXkUVhiNdk6hu3EhzNqF2GOdjI/Oh1PEiQpgD
ZL+/yG9hw7F33ezc
-----END CERTIFICATE-----
- Both the old and new root CA certs are in it.
Test Activity
-------------
Developer Testing
Workaround
----------
Run "KUBECONFIG=/etc/kubernetes/controller-manager.conf; kubectl config set-cluster kubernetes --certificate-authority /etc/kubernetes/pki/ca.crt --embed-certs" to remove the old CA cert from controller-manager.conf
Fix proposed to branch: master /review. opendev. org/c/starlingx /stx-puppet/ +/822856
Review: https:/