You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Dec 12, 2025. It is now read-only.
Copy file name to clipboardExpand all lines: docs/install-upgrade.md
+16Lines changed: 16 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -201,3 +201,19 @@ Make sure you run commands in the correct namespace.
201
201
kubectl delete pod <sts-name>-0
202
202
```
203
203
d. You're done. Now Kubernetes will create the pod fresh, causing the migration to run and then the pod to start up. Then kubernetes will proceed creating the next pod until it reaches the number specified in your cr.
204
+
205
+
## Rotating TLS certificate for the MongoDB deployment
206
+
207
+
Renew the secret for your TLS certificates
208
+
```
209
+
kubectl create secret tls <secret_name> \
210
+
--cert=<replica-set-tls-cert> \
211
+
--key=<replica-set-tls-key> \
212
+
--dry-run=client \
213
+
-o yaml |
214
+
kubectl apply -f -
215
+
```
216
+
*`secret_name` is what you've specified under `Spec.Security.TLS.CertificateKeySecret.Name`*.
217
+
218
+
If you're using a tool like cert-manager, you can follow [these instructions](https://cert-manager.io/docs/usage/certificate/#renewal) to rotate the certificate.
219
+
The operator should would watch the secret change and re-trigger a reconcile process.
0 commit comments