If the operator needs to update the external certificate and key currently
being used or was installed without an external REST API SSL/TLS identity,
the helm upgrade command is used to re-start the operator
with the new or updated kubernetes tls secret that contains
the desired certificate(s).
The operator requires a re-start in order to begin using the new or udpated external
certificate. The Helm --recreate-pods flag is used to cause the existing
kubernetes pod to be terminated and a new pod to be started with the updated configuration.
For example, if the operator was installed with the Helm release name weblogic-operator
in the namespace weblogic-operator-ns and the kubernetes tls secret is named
weblogic-operator-cert, the following commands can be used to update the operator
certificate(s) and key:
$ kubectl create secret tls weblogic-operator-cert -n weblogic-operator-ns \
--cert=<path-to-certificate> --key=<path-to-private-key>
For Helm 2.x:
$ helm get values weblogic-operator
$ helm upgrade --wait --recreate-pods --reuse-values \
--set externalRestEnabled=true \
--set externalRestIdentitySecret=weblogic-operator-cert \
weblogic-operator kubernetes/charts/weblogic-operator
For Helm 3.x:
$ helm get values weblogic-operator -n weblogic-operator-ns
$ helm -n weblogic-operator-ns upgrade weblogic-operator kubernetes/charts/weblogic-operator \
--wait --recreate-pods --reuse-values \
--set externalRestEnabled=true \
--set externalRestIdentitySecret=weblogic-operator-cert