Bug 1289441 - [DOCS] Metrics Deployer Secrets to use own certificates
Summary: [DOCS] Metrics Deployer Secrets to use own certificates
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Documentation
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: ---
Assignee: Ashley Hardin
QA Contact: chunchen
Vikram Goyal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-12-08 06:43 UTC by Jaspreet Kaur
Modified: 2019-09-12 09:30 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-23 17:44:00 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Jaspreet Kaur 2015-12-08 06:43:10 UTC
Document URL:  https://access.redhat.com/documentation/en/openshift-enterprise/version-3.1/installation-and-configuration/#metrics-deployer-secrets

Section Number and Name: 16.5.1. Metrics Deployer Secrets

Describe the issue: There is a mention of providing customer certs but there isn't any mention of what of certs are valid. What should be the CNAME for this certificates.


Suggestions for improvement: Please mention how can we configure custom certs for enabling metrics. What all things should be taken care.

 Also, how can we update  the url used by Heapster to connect to Hawkular Metrics.

Additional information: 

http://post-office.corp.redhat.com/archives/openshift-sme/2015-December/msg00336.html

Comment 1 Ryan Howe 2016-06-15 21:24:54 UTC
I believe this would be best if we outline better that we structure the docs in a fashion that recommends deploying metrics using internal certs and then using re-encrypting route to provide your own certs. 

Then we add this step at the bottom showing how to provide your custom certs to a secret and then redeploying the metrics template.  

Providing Your Own Certificates

https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html#metrics-using-secrets-byo-certs


In the 3.1+ docs we say what names the certs should have. 
At least 2 names need to be in the cert:

  hawkular-metrics 
  HAWKULAR_METRICS_HOSTNAME

Comment 2 Ashley Hardin 2016-08-02 18:57:00 UTC
Work in progress:
https://github.com/openshift/openshift-docs/pull/2598

Comment 3 chunchen 2016-08-22 02:12:34 UTC
Will verify it while above PR is merged.

Comment 4 openshift-github-bot 2016-08-22 11:02:37 UTC
Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/5694831957caa8a8c771b00b9cf8f2b397294445
Bug 1289441, added clarifying details within Providing Your Own Certificates

https://github.com/openshift/openshift-docs/commit/3ddce7478c2152e886768083cff20413d179e8ac
Merge pull request #2598 from ahardin-rh/metrics-deployer-secrets

Bug 1289441, added clarifying details in Providing Your Own Certificates


Note You need to log in before you can comment on or make changes to this bug.