1289441 – [DOCS] Metrics Deployer Secrets to use own certificates

Bug 1289441 - [DOCS] Metrics Deployer Secrets to use own certificates

Summary: [DOCS] Metrics Deployer Secrets to use own certificates

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Documentation
Sub Component:
Version:	3.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Ashley Hardin
QA Contact:	chunchen
Docs Contact:	Vikram Goyal
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-12-08 06:43 UTC by Jaspreet Kaur
Modified:	2019-09-12 09:30 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-08-23 17:44:00 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Jaspreet Kaur 2015-12-08 06:43:10 UTC

Document URL:  https://access.redhat.com/documentation/en/openshift-enterprise/version-3.1/installation-and-configuration/#metrics-deployer-secrets

Section Number and Name: 16.5.1. Metrics Deployer Secrets

Describe the issue: There is a mention of providing customer certs but there isn't any mention of what of certs are valid. What should be the CNAME for this certificates.


Suggestions for improvement: Please mention how can we configure custom certs for enabling metrics. What all things should be taken care.

 Also, how can we update  the url used by Heapster to connect to Hawkular Metrics.

Additional information: 

http://post-office.corp.redhat.com/archives/openshift-sme/2015-December/msg00336.html

Comment 1 Ryan Howe 2016-06-15 21:24:54 UTC

I believe this would be best if we outline better that we structure the docs in a fashion that recommends deploying metrics using internal certs and then using re-encrypting route to provide your own certs. 

Then we add this step at the bottom showing how to provide your custom certs to a secret and then redeploying the metrics template.  

Providing Your Own Certificates

https://docs.openshift.com/enterprise/latest/install_config/cluster_metrics.html#metrics-using-secrets-byo-certs


In the 3.1+ docs we say what names the certs should have. 
At least 2 names need to be in the cert:

  hawkular-metrics 
  HAWKULAR_METRICS_HOSTNAME

Comment 2 Ashley Hardin 2016-08-02 18:57:00 UTC

Work in progress:
https://github.com/openshift/openshift-docs/pull/2598

Comment 3 chunchen 2016-08-22 02:12:34 UTC

Will verify it while above PR is merged.

Comment 4 openshift-github-bot 2016-08-22 11:02:37 UTC

Commits pushed to master at https://github.com/openshift/openshift-docs

https://github.com/openshift/openshift-docs/commit/5694831957caa8a8c771b00b9cf8f2b397294445
Bug 1289441, added clarifying details within Providing Your Own Certificates

https://github.com/openshift/openshift-docs/commit/3ddce7478c2152e886768083cff20413d179e8ac
Merge pull request #2598 from ahardin-rh/metrics-deployer-secrets

Bug 1289441, added clarifying details in Providing Your Own Certificates

Comment 5 Ashley Hardin 2016-08-23 17:44:00 UTC

Content is now published: https://access.redhat.com/documentation/en/openshift-enterprise/3.2/single/installation-and-configuration/#metrics-using-secrets-byo-certs

Note You need to log in before you can comment on or make changes to this bug.