For sharded deployments with TLS cluster sometimes goes into "maintenance" mode with "enabling TLS" message #379

dmitry-ratushnyy · 2024-03-19T13:27:17Z

Steps to reproduce

All steps to reproduce are not clear, however these steps were performed when issue was discovered

Deploy sharded cluster on LXD + Juju 3.1.7
Deploy self-signed-certificates operator
Integrate all shards and config server with self-signed-certificates operator
Remove relation between self-signed-certificates and all shards and config server
Integrate all shards and config server with self-signed-certificates operator for the second time.

Note:
You can adjust juju update-status hook time to speedup reproducibility with
juju model-config update-status-hook-interval=10s

Once TLS is enabled, if the certificate did not expired cluster should not re-enable TLS once it is enabled

Operating system:

Juju CLI:

Juju agent: 3.1.7

Charm revision:

LXD:

Juju debug log:

github-actions · 2024-03-19T13:27:32Z

dmitry-ratushnyy · 2024-03-19T13:29:34Z

Upd: same happens on AWS deployment

MiaAltieri · 2024-03-19T17:30:32Z

@dmitry-ratushnyy can you send the exact commands you sent to achieve this?

dmitry-ratushnyy · 2024-03-26T10:38:25Z

Upd: This also might be an issue with "self-signed-certificates" charm and is require additional investigation

dmitry-ratushnyy added the bug Something isn't working label Mar 19, 2024