Bug 2009698

Summary: [Doc][ODF/external RGW] : Add details about set up TLS enabled RGW
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Jiffin <jthottan>
Component: documentationAssignee: Erin Donnelly <edonnell>
Status: ASSIGNED --- QA Contact: Elad <ebenahar>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.9CC: asriram, jaryan, jthottan, maydin, odf-bz-bot
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jiffin 2021-10-01 11:34:36 UTC 
Describe the issue:
How to set up external RGW with TLS enabled?

Describe the task you were trying to accomplish:
Mention about option in external script ceph-external-cluster-details-exporter.py

Suggestions for improvement:
 --rgw-tls-cert-path <RGW_TLS_CERT_PATH>
This option is required if the external RGW is running in HTTPS endpoint, if cert needs to be provided in a file for the script. The scripts create k8s secret "ceph-rgw-tls-cert".

Document URL:
https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.8/html/deploying_openshift_container_storage_in_external_mode/creating-an-openshift-container-storage-cluster-service-for-external-storage_rhocs

Chapter/Section Number and Title:
Chapter 4. Creating an OpenShift Container Storage Cluster service for external mode

Product Version:
4.9
Environment Details:
External ceph cluster
Any other versions of this document that also needs this update:

Additional information:

Please note OBC/cephobjectstore resources does not hold this cert the information. Either user can request different client certs from the admin (if it running a different namespace than objectstore/ceph cluster) for their applications. Or else if they run on the same namespace then can use the "ceph-rgw-tls-cert"
Comment 3 Mustafa Aydın 2022-02-06 07:40:07 UTC 
Please also  be aware of the BZ https://bugzilla.redhat.com/show_bug.cgi?id=2051076