| Summary: | xpaas images (eg: eap) don't indicate that creating service accounts & secrets is required | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Erik M Jacobs <ejacobs> |
| Component: | Documentation | Assignee: | Bilhar <baulakh> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Vikram Goyal <vigoyal> |
| Severity: | high | Docs Contact: | Vikram Goyal <vigoyal> |
| Priority: | urgent | ||
| Version: | 3.1.0 | CC: | aos-bugs, dmace, jlucky, jokerman, kconner, mmccomas, sspeiche |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-06-20 01:59:37 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Erik M Jacobs
2016-04-14 18:26:30 UTC
If it is determined that we should not include the secrets files ( #1327312 ), then we need to indicate in the documentation how an end-user can create them for themselves. Erik, Kevin, since secrets are not created by the installer nor are they created when fetching templates, is the simple fix for now to include the content that Erik pointed to on GitHub in the xPaaS docs? https://github.com/jboss-openshift/application-templates#https-configuration I probably won't get to testing all this out until next week so that I understand it better, but if this content will be enough to address this BZ quickly, then I can get it added to the xPaaS docs. The only question is whether to add it to the individual docs for each image, or put it somewhere so that it applies to all of the images. Putting example secrets/service account definitions into the docs would be EXTREMELY helpful. Right now you basically have to know the magic -- it's barely documented anywhere, even in the upstream GitHub for the xPaaS templates. Two steps further to go: 1) document/show how to convert an SSL certificate into a secret for use with the EAP stuff. This doc is definitely tied specifically to the xPaaS things but also would be useful elsewhere in the docs more generically (how to include SSL certificates in your apps for endpoint SSL termination) -- not sure if this is already there 2) document openSSL commands to generate a certificate and process into a secret for use with the EAP stuff. Also applies similarly to #1. If #1 and #2 are already documented, we may want to link to them from the secret/SA stuff in the various xPaaS docs. *** Bug 1330325 has been marked as a duplicate of this bug. *** What's the problem with defining the SAs in the templates? Merging SAs and Secrets into the main/single template: https://github.com/openshift/online/pull/150 I'm closing this BZ as I believe we've addressed this in the current xPaaS EAP documentation on the customer portal: https://access.redhat.com/documentation/en/red-hat-xpaas/version-0/red-hat-xpaas-eap-image/#installation_and_configuration Otherwise, I'm happy to reopen if there are any other issues. Is this level of information in the ** OpenShift ** documentation? (In reply to Erik M Jacobs from comment #8) > Is this level of information in the ** OpenShift ** documentation? Hey Erik, Sorry for the late reply. Secrets, in general, are covered by the Dev Guide in the OSE docs. https://docs.openshift.com/enterprise/3.2/dev_guide/secrets.html |