-
Bug
-
Resolution: Fixed
-
Normal
-
None
-
None
-
None
-
NDS Sprint 21, NDS Sprint 22
When deploying test clusters, it is often helpful to name the cluster after its reason for existing. This helps tell us when it is safe to clean them back up to reclaim resources.
Unfortunately due to an oversight, these certs are often reused when they shouldn't be, being applied to ingress rules for domains that due not match the certs themselves, leading to errors in the loadbalancer:
W0914 15:55:16.808986 1 controller.go:942] SSL Certificate stored in secret ndslabs-tls-secret is not valid for the host www.mlnds542test.ndslabs.org defined in the Ingress rule ndslabs-ingress
|
W0914 15:55:16.809251 1 controller.go:942] SSL Certificate stored in secret ndslabs-tls-secret is not valid for the host www.mlnds542test.ndslabs.org defined in the Ingress rule kube-lma-ingress
|
This ticket is complete when the generated certs are named after their designated cluster, instead of just ndslabs.key / ndslabs.crt.