Document URL ============ https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.6/html/managing_hybrid_and_multicloud_resources/object-bucket-claim Section Number and Name ======================= Section 8.1. Dynamic Object Bucket Claim Describe the issue ================== The text explains how to create ObjectBucketClaim so that OCS/NooBaa provisions an object bucket based on the request, and how to use the provisioned bucket in an application. Since the object service endpoint is encrypted via tls, an application accesing the endpoint also needs to have access to ssl certificate which will help the app to verify that the endpoint is correct. But this information is missing in the text. Suggestions for improvement =========================== A new step should be added into the section, eg. between step #2 (which explains how to set env variables like BUCKET_NAME, BUCKET_HOST, ... in yaml spec of an app) and step #3 (which tells the reader to run oc apply). This step should include a description how to: - locate tls certificate the noobaa endpoint is signed with - how to make the certificate available in the containerized app Additional information ====================== The endpoint seems to be self signed.
Could we use "OpenShift Service CA Operator"[1] for this use case? Is there an opportunity for NooBaa to make this integration easier? [1] https://github.com/openshift/service-ca-operator/blob/master/README.md