d80tb7 commented on issue #285: URL: https://github.com/apache/pulsar-helm-chart/issues/285#issuecomment-2081183119
Just to check- has anyone got cert refresh working with zookeeper? I'm of the opinion that this still won't work. Copying the explanation here from [my comment ](https://github.com/apache/pulsar-helm-chart/issues/359#issuecomment-2081182686)on #359 . ```I think the issue here is that although the Pulsar Helm Chart sets the zookeeper.client.certReload property, this isn't enough. All that property does is to get Zookeeper to update the certs when the truststore or keystore files change. When cert-manager updates the certs, this will cause the cert failes in pulsar/certs/zookeeper/ to update but nothing is going to update the keystore. The other Pulsar components (e.g. the bookie) solve this by having code inside them that watches the files under /pulsar/certs/ and then updates the keystore accordingly. Zookeeper doesn't have such code and therefore it seems to me that the certs will never be refreshed.``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
