Bug 1473438

Summary: [DOCS] Logging secure forward patch command formatting
Product: OpenShift Container Platform Reporter: Steven Walter <stwalter>
Component: DocumentationAssignee: Brandi Munilla <bmcelvee>
Status: CLOSED CURRENTRELEASE QA Contact: Anping Li <anli>
Severity: medium Docs Contact: Vikram Goyal <vigoyal>
Priority: unspecified    
Version: 3.4.0CC: aos-bugs, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-07-23 17:27:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Steven Walter 2017-07-20 20:46:43 UTC 
Document URL: 
https://docs.openshift.com/container-platform/3.4/install_config/aggregate_logging.html

Section Number and Name: 
Understanding Deployment -> Fluentd ->  Configuring Fluentd to Send Logs to an External Log Aggregator

Describe the issue: 
The patch commands are a tad confusing. 

$ oc patch secrets/logging-fluentd --type=json \
  --patch "[{'op':'add','path':'/data/your_ca_cert','value':'$(base64 /path/to/your_ca_cert.pem)'}]"
$ oc patch secrets/logging-fluentd --type=json \
  --patch "[{'op':'add','path':'/data/your_private_key','value':'$(base64 /path/to/your_private_key.pem)'}]"

It points to /data/your_ca_cert and /data/your_private_key -- it is misleading and people mistake this to mean /path/to/your/cert/on/this/host when in reality this is a path inside the json. In the json it's {"data": {"your_private_key"}} but this is not obvious to the outside view

Error you get when you think that "path" is asking for path on your machine:

Error from server: jsonpatch add operation does not apply: doc is missing path: /etc/origin/master/ca.crt


Suggestions for improvement: 
Add a note saying "Replace 'your_private_key' with some generic name. This is not a path on your host system, but is the link to the JSON path." or something similar to that. 

Additional information:
Comment 1 Brandi Munilla 2018-06-22 20:27:56 UTC 
Added the note in the following PR:

https://github.com/openshift/openshift-docs/pull/10368

Anping, PTAL. 

Thanks!
Comment 2 Anping Li 2018-06-29 07:24:31 UTC 
LGTM
Comment 3 openshift-github-bot 2018-07-19 20:02:15 UTC 
Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/7b16a9abe2f67c7409771de3a8c09557bad2349d
Bug 1473438 Clarify your_private_key in patch commands

https://github.com/openshift/openshift-docs/commit/141eeb898b0e152d5e23447cfe02a34eb279c2d9
Merge pull request #10368 from bmcelvee/BZ1473483

Bug 1473438 Clarify your_private_key in patch commands
Comment 4 Brandi Munilla 2018-07-23 17:27:09 UTC 
Documentation updated: https://access.redhat.com/documentation/en-us/openshift_container_platform/3.9/html-single/installation_and_configuration/#aggregated-fluentd