Kubeconfig Invalidated after Kubernetes Cluster Upgrade of PMK Clusters
Last updated
The kubeconfig which was working before upgrade no longer works after the upgrade with an error like below
x509: certificate signed by unknown authorityPlatform9 Managed Kubernetes - v5.6 and Higher
Platform9 is aware about the issue and an internal bug with ID: PMK-6421 has already been reported for this issue.
Whenever the Cluster CA is rotated, the kubeconfig gets invalidated. This is the expected behavior as per product design.
Cluster CA is valid for 10 years and is rotated every 5 years. So after every 5 years, the kubeconfig needs to be rotated/replaced.
On subsequent cluster upgrades, as long as the CA isn’t rotated again, the older/existing kubeconfig will remain valid between version upgrades.
Reach out to Platform9 Support with the aforementioned Bug ID for more information.
Last updated