As already reported in the sibling repo rustfs/rustfs#3857, it is very important to allow to override clusterDomain via Helm values. At the moment RUSTFS_VOLUMES always uses the hardcoded .cluster.local as the root cluster domain. However, in our production environment we use a custom cluster domain which causes the operator to fail to create a tenant.
At the moment due to hardcoded cluster.local domain the following error occurs when deploying a tenant with TLS enabled:
Last Error Message: TLS certificate in Secret 'prod-rustfs-private-certificate-secret' key 'tls.crt'
does not cover required DNS names: prod-rustfs-mse-nvme-500-0.prod-rustfs-hl.mse.svc.cluster.local,
prod-rustfs-mse-nvme-500-1.prod-rustfs-hl.mse.svc.cluster.local,
prod-rustfs-mse-nvme-500-2.prod-rustfs-hl.mse.svc.cluster.local,
prod-rustfs-hl.mse.svc, prod-rustfs-hl.mse.svc.cluster.local, prod-rustfs-io.mse.svc,
prod-rustfs-io.mse.svc.cluster.local
The following DNS names are covered in the private certificate issued by CertManager:
dnsNames:
- prod-rustfs-hl.mse.svc.k8s.mse.cloud
- '*.prod-rustfs-hl.mse.svc.k8s.mse.cloud'
As already reported in the sibling repo rustfs/rustfs#3857, it is very important to allow to override
clusterDomainvia Helm values. At the momentRUSTFS_VOLUMESalways uses the hardcoded.cluster.localas the root cluster domain. However, in our production environment we use a custom cluster domain which causes the operator to fail to create a tenant.At the moment due to hardcoded
cluster.localdomain the following error occurs when deploying a tenant with TLS enabled:The following DNS names are covered in the private certificate issued by CertManager: