Hide Forgot
In order to use (for example) the eap64 template, you must create secrets and service account entries, which are not provided by the template. https://github.com/jboss-openshift/application-templates/tree/master/secrets This is also related to https://bugzilla.redhat.com/show_bug.cgi?id=1327312 because we're missing these secret files. https://github.com/jboss-openshift/application-templates#https-configuration describes creating the secrets, which is not documented.
If it is determined that we should not include the secrets files ( #1327312 ), then we need to indicate in the documentation how an end-user can create them for themselves.
Erik, Kevin, since secrets are not created by the installer nor are they created when fetching templates, is the simple fix for now to include the content that Erik pointed to on GitHub in the xPaaS docs? https://github.com/jboss-openshift/application-templates#https-configuration I probably won't get to testing all this out until next week so that I understand it better, but if this content will be enough to address this BZ quickly, then I can get it added to the xPaaS docs. The only question is whether to add it to the individual docs for each image, or put it somewhere so that it applies to all of the images.
Putting example secrets/service account definitions into the docs would be EXTREMELY helpful. Right now you basically have to know the magic -- it's barely documented anywhere, even in the upstream GitHub for the xPaaS templates. Two steps further to go: 1) document/show how to convert an SSL certificate into a secret for use with the EAP stuff. This doc is definitely tied specifically to the xPaaS things but also would be useful elsewhere in the docs more generically (how to include SSL certificates in your apps for endpoint SSL termination) -- not sure if this is already there 2) document openSSL commands to generate a certificate and process into a secret for use with the EAP stuff. Also applies similarly to #1. If #1 and #2 are already documented, we may want to link to them from the secret/SA stuff in the various xPaaS docs.
*** Bug 1330325 has been marked as a duplicate of this bug. ***
What's the problem with defining the SAs in the templates?
Merging SAs and Secrets into the main/single template: https://github.com/openshift/online/pull/150
I'm closing this BZ as I believe we've addressed this in the current xPaaS EAP documentation on the customer portal: https://access.redhat.com/documentation/en/red-hat-xpaas/version-0/red-hat-xpaas-eap-image/#installation_and_configuration Otherwise, I'm happy to reopen if there are any other issues.
Is this level of information in the ** OpenShift ** documentation?
(In reply to Erik M Jacobs from comment #8) > Is this level of information in the ** OpenShift ** documentation? Hey Erik, Sorry for the late reply. Secrets, in general, are covered by the Dev Guide in the OSE docs. https://docs.openshift.com/enterprise/3.2/dev_guide/secrets.html