Commit a22edb2
committed
Converge log_cache_syslog_tls certificate
- In #949 Log Cache was split out from the doppler instance group to its
own log-cache instance group
- Log Cache was also configured to use syslog ingress by default, rather
than the previous behaviour which was to use the Reverse Log Proxy
- Operators who had previously used the experimental ops-file to opt into
syslog ingress (operations/experimental/use-logcache-syslog-ingress.yml)
would already have had the `log_cache_syslog_tls` credential in their
CredHub
- When these operators attempted to upgrade to v18.0.0 the certificate
was not re-generated by default, leading to a mismatch between the new
service name and the existing certificate
- Specify `update_mode: converge` so that the certificate is re-generated
and the syslog agent will be able to send logs to the log cache syslog
server
Fixes:
```
failed to write to log-cache.service.cf.internal:6067, retrying in 8.192s, err: x509: certificate is valid for q-s3.doppler.default.cf.bosh, doppler.service.cf.internal, not log-cache.service.cf.internal
```1 parent b38e1eb commit a22edb2
1 file changed
+1
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2262 | 2262 | | |
2263 | 2263 | | |
2264 | 2264 | | |
| 2265 | + | |
2265 | 2266 | | |
2266 | 2267 | | |
2267 | 2268 | | |
| |||
0 commit comments