OK, but the real question is..How did you break it? I mean there are so many cool choices with K8S that you might have done it two completely different ways
Discussion
Oh man, I try different things every time to keep it fresh.
I am guilty of a horrific sin - didn’t update for a year and my certs expired. Then when I updated them manually, they didn’t propagate correctly and we’ve been dealing with intermittent connectivity issues when scaling up services ever since. On a weird note I feel 10-70% certain that I figured out the last node causing issues today.
Then…yesterday our DC had a “cooling malfunction” on the rack of one of our workers to add to the fun.
We have to migrate to a new region soon too, I can’t wait!!!
Yeah, the certificate expiration thing is ugly. I normally update every 6 months to avoid it, but I think they could handle it better (like auto-renewal).