New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1769879: Docs: openstack self signed certs docs #3009
Conversation
/label platform/openstack |
docs/user/openstack/README.md
Outdated
sudo update-ca-trust extract | ||
``` | ||
|
||
Next, you should add the `cacert` key to your `clouds.yaml`. Its value should be a valid path to your CA cert that does not require root privelage. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
privilege
/lgtm |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dulek, Fedosin The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest Please review the full test history for this PR and help us cut down flakes. |
7 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/hold |
docs/user/openstack/README.md
Outdated
@@ -202,6 +207,26 @@ clouds: | |||
The file can contain information about several clouds. For instance, the example above describes two clouds: `shiftstack` and `dev-evn`. | |||
In order to determine which cloud to use, the user can either specify it in the `install-config.yaml` file under `platform.openstack.cloud` or with `OS_CLOUD` environment variable. If both are omitted, then the cloud name defaults to `openstack`. | |||
|
|||
### Self Signed OpenStack CA certificates | |||
|
|||
If your OpenStack cluster uses self signed CA certificates for endpoint auth, you will need a few additional steps to run the installer. First, make sure that the host running the installer trusts your CA certificates. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/auth/authentication/
Could we link to the OSP docs?
Also, I'd like to make it clear this is a limitation -- we shouldn't have to force the node running the installer to add the cert to its system trust -- that we're actively working towards resolving?
/hold cancel |
@iamemilio: This pull request references Bugzilla bug 1735192, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@iamemilio: This pull request references Bugzilla bug 1769879, which is valid. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/lgtm |
/retest Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
@iamemilio: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Also need to drop this known-issue? |
Nice catch! thanks |
Bug 1769879: Docs: openstack self signed certs docs
User Docs for openstack auth self signed certificates
References: https://bugzilla.redhat.com/show_bug.cgi?id=1735192