Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Release-1.25] - Support Server Token Rotation #8297

Closed
dereknola opened this issue Sep 5, 2023 · 1 comment
Closed

[Release-1.25] - Support Server Token Rotation #8297

dereknola opened this issue Sep 5, 2023 · 1 comment
Assignees
@dereknola @ShylajaDevadiga
Milestone
v1.25.15+k3s1

Comments

@dereknola
Copy link
Member

Backport fix for Support Server Token Rotation
@dereknola dereknola self-assigned this Sep 5, 2023
@caroline-suse-rancher caroline-suse-rancher added this to the v1.25.15+k3s1 milestone Sep 20, 2023
@dereknola dereknola mentioned this issue Oct 9, 2023
Merged
@ShylajaDevadiga
Copy link
Contributor

Validated using commit id 6afee00 from release-1.25 branch

Environment Details

Infrastructure
Cloud EC2 instance

Node(s) CPU architecture, OS, and Version:
Ubuntu 22.04

Cluster Configuration:
3 server 1 agent node

Config.yaml:

cat /etc/rancher/k3s/config,yaml
write-kubeconfig-mode: "0644"
node-external-ip: <IP>
cluster-init: true
token: token1

Steps to reproduce the issue and validate the fix

  1. Copy config.yaml
  2. Install k3s
  3. k3s token rotate --token token1 --new-token=token2
  4. Update config.yaml with new token
  5. Restart k3s service on all nodes
  6. Reboot all nodes
  7. Verify cluster is up and pods are in running state

Validation results:

ubuntu@ip-172-31-11-138:~$ kubectl get nodes
NAME               STATUS   ROLES                       AGE   VERSION
ip-172-31-11-138   Ready    control-plane,etcd,master   13m   v1.25.14+k3s-6afee00e
ip-172-31-12-87    Ready    <none>                      12m   v1.25.14+k3s-6afee00e
ip-172-31-13-245   Ready    control-plane,etcd,master   13m   v1.25.14+k3s-6afee00e
ip-172-31-8-249    Ready    control-plane,etcd,master   13m   v1.25.14+k3s-6afee00e
ubuntu@ip-172-31-11-138:~$ kubectl get pods -A
NAMESPACE     NAME                                      READY   STATUS      RESTARTS        AGE
kube-system   coredns-8b9777675-pj94j                   1/1     Running     0               13m
kube-system   helm-install-traefik-crd-qm4vj            0/1     Completed   0               13m
kube-system   helm-install-traefik-d2j79                0/1     Completed   1               13m
kube-system   local-path-provisioner-69dff9496c-52vxj   1/1     Running     0               13m
kube-system   metrics-server-854c559bd-f2k5x            1/1     Running     0               13m
kube-system   svclb-traefik-9494a6a5-8rclj              2/2     Running     0               13m
kube-system   svclb-traefik-9494a6a5-pbktk              2/2     Running     2 (7m26s ago)   13m
kube-system   svclb-traefik-9494a6a5-qdg7l              2/2     Running     0               12m
kube-system   svclb-traefik-9494a6a5-tkb2b              2/2     Running     0               13m
kube-system   traefik-66fd46ccd-f9d7c                   1/1     Running     1 (7m26s ago)   13m
ubuntu@ip-172-31-11-138:~$

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dereknola dereknola

@ShylajaDevadiga ShylajaDevadiga

Labels
None yet
Projects
K3s Development
Archived in project
Milestone
v1.25.15+k3s1
Development

No branches or pull requests
3 participants
@dereknola @ShylajaDevadiga @caroline-suse-rancher