cass-operator icon indicating copy to clipboard operation
cass-operator copied to clipboard
verified publisher icon k8ssandra

Enable tsreload from cass-operator

Open Miles-Garnsey opened this issue 1 year ago • 2 comments

What is missing?

Management API will soon add a new endpoint which forces a reload of the truststore. This is to enable new CA certs to be added to the node without a full restart.

I'm not sure what the best way to access this functionality is, but I presume it should probably be called from cass-operator, since that is where logic to manage the nodes usually resides.

I can see two options:

  1. We add an annotation to the pod (similar to the restart annotations that we normally add) and cass-operator picks this up before calling the management API endpoint on the specific node that needs a reload.
  2. We create a new CassandraTask which does the same.

@burmanm what are your thoughts on this? Any preference?

Why is this needed?

We have CA reloading problems.

Miles-Garnsey avatar May 10 '24 04:05 Miles-Garnsey

client.go change + a task is fine (I'm not a fan of pod annotations, since we don't listen to those). I'm assuming this is a DSE specific feature.

burmanm avatar May 13 '24 07:05 burmanm

client.go change + a task is fine (I'm not a fan of pod annotations, since we don't listen to those). I'm assuming this is a DSE specific feature.

Roger. It is DSE only, yes. We don't need to worry about this in OSS Cassandra.

Miles-Garnsey avatar May 13 '24 07:05 Miles-Garnsey

➤ Miles Garnsey commented:

Closed via this PR +truststore reload task #686+ ( https://github.com/k8ssandra/cass-operator/pull/686 )

sync-by-unito[bot] avatar Sep 17 '24 12:09 sync-by-unito[bot]