StarlingX

  1. Bug #2042982
  2. Comment #2

Comment 2 for bug 2042982

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to stx-puppet (master)

Reviewed: https://review.opendev.org/c/starlingx/stx-puppet/+/900376
Committed: https://opendev.org/starlingx/stx-puppet/commit/094f9e87d70c62299644a09c5497ee41792dc51d
Submitter: "Zuul (22348)"
Branch: master

commit 094f9e87d70c62299644a09c5497ee41792dc51d
Author: Andy Ning <email address hidden>
Date: Tue Nov 7 16:51:54 2023 -0500

    Add cluster-host unit IP to apiserver cert SANs

    When OAM IP changes, platform::kubernetes::certsans::runtime class in
    kubernetes.pp is applied. The runtime puppet class will update
    apiserver's certificate among other configuration updates. However
    the cluster-host unit IP address is missing from the cert's SAN list
    after the update on SX system.

    This change fixed the issue by adding cluster-host unit IP address back
    to apiserver cert's SAN list for SX system.

    Test Plan:
    PASS: On a AIO-SX system, run "system oam-modify oam_ip=<new IP>" to
          change its OAM IP address. Verify controller's cluster-host unit
          IP address is in the cert's SAN list after OAM IP address has
          been changed.

    Closes-Bug: 2042982
    Signed-off-by: Andy Ning <email address hidden>
    Change-Id: Ib18644a4babf7a9549dc55653119d24bb34a97df