Bug 1535026
| Summary: | Document configuring auth_type for ISV Registry with OAB | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Dylan Murray <dymurray> |
| Component: | Documentation | Assignee: | Alex Dellapenta <adellape> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Jian Zhang <jiazha> |
| Severity: | unspecified | Docs Contact: | Vikram Goyal <vigoyal> |
| Priority: | unspecified | ||
| Version: | 3.7.0 | CC: | adellape, aos-bugs, chezhang, jiazha, jokerman, mmccomas |
| Target Milestone: | --- | ||
| Target Release: | 3.7.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | qe_review | ||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-05-09 16:59:50 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1539310 | ||
| Bug Blocks: | |||
|
Description
Dylan Murray
2018-01-16 13:49:38 UTC
Added note about the `auth_type` requirement: http://file.rdu.redhat.com/~adellape/121317/brokerconfig/install_config/oab_broker_configuration.html#oab-broker-config-isv Added `auth_type` and `auth_name` to the table: http://file.rdu.redhat.com/~adellape/121317/brokerconfig/install_config/oab_broker_configuration.html#oab-broker-config-registry New "Storing Registry Credentials" subsection: http://file.rdu.redhat.com/~adellape/121317/brokerconfig/install_config/oab_broker_configuration.html#oab-broker-config-registry-storing-creds Please help to define the "Target Release". Thx. Alex, Thanks for your update! But, for the "Storing Registry Credentials" subsection, we have a bug about the "file" auth type. Here: https://bugzilla.redhat.com/show_bug.cgi?id=1539310. Another problem, I think we should replace the "registry.access.redhat.com" with "https://registry.connect.redhat.com" in that doc description. Because users do NOT need to config the user/pass to access the "registry.access.redhat.com" registry. The other two docs look good to me. Jian, Thank you! Updates made per your feedback, see: https://github.com/openshift/openshift-docs/pull/6755#issuecomment-361344953 Alex, Thanks for your update! From this PR info, I think it will be released in version 3.9, right? If yes, I think we should add the "Target Release" info for this bug. And, for 3.9 scenarios, I added some comments in your PR. I changed status to ASSIGNED since need updating. I've set this BZ to target release 3.7.z, and I'll make a separate PR for tracking the fix into 3.9 docs. Alex, Thanks! Actually, for version 3.7, we just need to point out the "auth_type: config" is a necessary. And, where is your PR of the 3.7 docs? The https://github.com/openshift/openshift-docs/pull/6755#issuecomment-361344953 is 3.9 docs, right? I see the PR merge request to the master branch. Jian, see latest comments in https://github.com/openshift/openshift-docs/pull/6755#issuecomment-362708805. Alex, Thanks for your update! I added some comments to it, change status to ASSIGNED since need updating. Thank you again, PR updated: https://github.com/openshift/openshift-docs/pull/6755#issuecomment-363148584 Alex, Thanks! For "Storing Registry Credentials" section, it looks good to me. But, for "ISV Registry", I found the registry name was NOT updated per my comments. I think we should update the name in order to avoid confusion. Sorry, I don't know how that kept getting missed. Fixed via https://github.com/openshift/openshift-docs/pull/7611. And here is the 3.9 PR to remove the requirement for BZ#1526949: https://github.com/openshift/openshift-docs/pull/7614 Preview: http://file.rdu.redhat.com/~adellape/020618/oab_openshift39/install_config/oab_broker_configuration.html Alex,
For 3.9 version, we have removed the "config" type. It means the below configs will work. So, I think we can remove the "config" type instructions in 3.9 version.
registry:
...
- type: openshift
name: isv
url: https://registry.connect.redhat.com
user: xxx
pass: xxx
images:
- rocketchat/rocketchat-apb
white_list:
- ".*-apb$"
Thanks, I've rewritten to remove mention of the `config` type completely for 3.9+: http://file.rdu.redhat.com/~adellape/021318/oab_openshift39/install_config/oab_broker_configuration.html#oab-config-registry http://file.rdu.redhat.com/~adellape/021318/oab_openshift39/install_config/oab_broker_configuration.html#oab-config-registry-storing-creds http://file.rdu.redhat.com/~adellape/021318/oab_openshift39/install_config/oab_broker_configuration.html#oab-config-isv Alex,
Thanks for your update! There are still two places need to be updated.
1)For the secret type, the users also need to specify the namespace, like below:
registry:
- name: isv
type: openshift
url: https://registry.connect.redhat.com
auth_type: secret
auth_name: registry-credentials-secret
...
openshift:
namespace: openshift-ansible-service-broker
...
2)For the file type, the containers.volumeMounts section, its format should be:
volumeMounts:
- mountPath: /tmp/registry-credentials
name: reg-auth
Thanks, updates made. Alex, Thanks for your update! It looks good to me! Commit pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/0feb7347e450836423a0cae6eea12810f00fef4e Merge pull request #7984 from adellape/origin_oab_prefix Bug 1535026: Fix OAB prefix/registry for Origin https://docs.openshift.com/container-platform/3.9/install_config/oab_broker_configuration.html#oab-config-registry https://docs.openshift.com/container-platform/3.9/install_config/oab_broker_configuration.html#oab-config-registry-storing-creds https://docs.openshift.com/container-platform/3.9/install_config/oab_broker_configuration.html#oab-config-isv |