Renewing certificates for the Kubernetes cluster
Kubernetes certificates are valid for one year. Ensure that certificates are always valid
by renewing them regularly, before they expire. When Kubernetes certificates expire,
Kubernetes commands such as kubectl
stop working and backup scripts
start failing on the deployer.
Certificates are automatically renewed in some scenarios, for example:
- When the Fabric Services System software is reinstalled, certificates for the Kubernetes cluster are generated with a one year validity from the date of installation.
- When you are upgrading Fabric Services System software, and certificates are
renewed when the Kubernetes version is upgraded.
For example, when you upgrade software from Release 24.5.2 to 24.8.x, the Kubernetes version does not change, so certificates are not renewed. When you upgrade from Release 23.8.x to 24.5.x, the Kubernetes version is upgraded, so certificates are renewed during the upgrade.