KIM has to avoid service interruptions when Gardener credentials get changed #402
Labels
area/control-plane
Related to all activities around Kyma Control Plane
kind/feature
Categorizes issue or PR as related to a new feature.
Comments
tobiscr
added
kind/feature
tobiscr
changed the title
2 tasks
|
@tobiscr : clarify with Huskies what mechanism they are using |
|
=> tool is https://github.com/stakater/Reloader |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Currently, KIM is stopping to rotate the Kubeconfig (and after taking over provisioning responsibilties) and to provision Gardener clusters when Gardener credentials were changed. KIM should detect a change of the credentials and use the new values (e.g. either by hot-reloading or by triggering a restart of KIM by setting the response of the liveness-probe to "unhealthy" or by introducing the tool https://github.com/stakater/Reloader).
KIM is using the secret from the Provisioner for retrieving the Gardener credentials. This has to be changed as the Provisioner will be decommissioned in the coming weeks. KIM has to use it's own secret for it.
AC:
Reasons
Avoid service interruptions when credentials for 3rd party systems (e.g. Gardener) were changed.
Attachments
The text was updated successfully, but these errors were encountered: