-
Notifications
You must be signed in to change notification settings - Fork 543
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable tls_cert_renewal_interval_min parameter for certificate refresh #1014
Comments
/kind feature |
Related: #988 allows the user to modify this in their own Dockerfile/entrypoint. |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close not-planned |
@k8s-triage-robot: Closing this issue, marking it as "Not Planned". In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Is your feature request related to a problem? Please describe.
By default, the Watchdog only refreshes certificate credentials every 60 minutes. We set this here, in efs_watch_dog.go.
We should make this value configurable, so that customers whom configure their temporary STS credentials to expire in a shorter time period than 60 minutes, can configure this value to be appropriate for them. This way, their credentials do not expire before we refresh their access key and token.
Describe the solution you'd like in detail
This value should be a parameter to the aws-efs-csi-driver binary. We should pass it in this argument from our Kubernetes manifest files.
The text was updated successfully, but these errors were encountered: