Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 1769879: Docs: openstack self signed certs docs #3009

Merged
merged 1 commit into from Jan 31, 2020
Merged

Bug 1769879: Docs: openstack self signed certs docs #3009

merged 1 commit into from Jan 31, 2020

Conversation

iamemilio
Copy link

@iamemilio iamemilio commented Jan 29, 2020
edited

User Docs for openstack auth self signed certificates

References: https://bugzilla.redhat.com/show_bug.cgi?id=1735192

@iamemilio
Copy link
Author

/label platform/openstack

@openshift-ci-robot openshift-ci-robot added platform/openstack size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jan 29, 2020
Fedosin
Fedosin reviewed Jan 29, 2020
View reviewed changes
docs/user/openstack/README.md Outdated
sudo update-ca-trust extract
```

Next, you should add the `cacert` key to your `clouds.yaml`. Its value should be a valid path to your CA cert that does not require root privelage.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

privilege

@dulek
Copy link
Contributor

dulek commented Jan 29, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Jan 29, 2020
@Fedosin
Copy link
Contributor

Fedosin commented Jan 29, 2020

/approve

@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dulek, Fedosin

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 29, 2020
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

7 similar comments
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@mandre
Copy link
Member

mandre commented Jan 30, 2020

/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 30, 2020
mandre
mandre reviewed Jan 30, 2020
View reviewed changes
docs/user/openstack/README.md Show resolved Hide resolved
docs/user/openstack/README.md Outdated
@@ -202,6 +207,26 @@ clouds:
The file can contain information about several clouds. For instance, the example above describes two clouds: `shiftstack` and `dev-evn`.
In order to determine which cloud to use, the user can either specify it in the `install-config.yaml` file under `platform.openstack.cloud` or with `OS_CLOUD` environment variable. If both are omitted, then the cloud name defaults to `openstack`.

### Self Signed OpenStack CA certificates

If your OpenStack cluster uses self signed CA certificates for endpoint auth, you will need a few additional steps to run the installer. First, make sure that the host running the installer trusts your CA certificates.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/auth/authentication/

Could we link to the OSP docs?

https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html/director_installation_and_usage/appe-ssltls_certificate_configuration#Adding_the_Certificate_Authority_to_Clients

Also, I'd like to make it clear this is a limitation -- we shouldn't have to force the node running the installer to add the cert to its system trust -- that we're actively working towards resolving?

docs/user/openstack/README.md Outdated Show resolved Hide resolved
@openshift-ci-robot openshift-ci-robot removed the lgtm Indicates that a PR is ready to be merged. label Jan 31, 2020
@mandre
Copy link
Member

mandre commented Jan 31, 2020

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jan 31, 2020
@iamemilio iamemilio changed the title Docs: openstack self signed certs docs Bug 1735192: Docs: openstack self signed certs docs Jan 31, 2020
@openshift-ci-robot openshift-ci-robot added the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Jan 31, 2020
@openshift-ci-robot
Copy link
Contributor

@iamemilio: This pull request references Bugzilla bug 1735192, which is invalid:

  • expected the bug to be in one of the following states: NEW, ASSIGNED, ON_DEV, POST, POST, but it is ON_QA instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 1735192: Docs: openstack self signed certs docs

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@iamemilio iamemilio changed the title Bug 1735192: Docs: openstack self signed certs docs Bug 1769879: Docs: openstack self signed certs docs Jan 31, 2020
@openshift-ci-robot openshift-ci-robot added bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. and removed bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels Jan 31, 2020
@openshift-ci-robot
Copy link
Contributor

@iamemilio: This pull request references Bugzilla bug 1769879, which is valid. The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Bug 1769879: Docs: openstack self signed certs docs

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@mandre
Copy link
Member

mandre commented Jan 31, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Jan 31, 2020
@mandre mandre mentioned this pull request Jan 31, 2020
Merged
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

3 similar comments
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot openshift-merge-robot merged commit b0d828f into openshift:master Jan 31, 2020
@openshift-ci-robot
Copy link
Contributor

@iamemilio: The following tests failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/e2e-aws-scaleup-rhel7 88d8723 link /test e2e-aws-scaleup-rhel7
ci/prow/e2e-aws-fips 88d8723 link /test e2e-aws-fips

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@wking
Copy link
Member

wking commented Jan 31, 2020

Also need to drop this known-issue?

@mandre
Copy link
Member

mandre commented Feb 1, 2020

Also need to drop this known-issue?

Nice catch! thanks

rna-afk pushed a commit to rna-afk/installer that referenced this pull request Feb 3, 2020
@openshift-merge-robot @rna-afk
Merge pull request openshift#3009 from iamemilio/ssc-docs
fa86547 
Bug 1769879: Docs: openstack self signed certs docs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dulek dulek dulek approved these changes

@mandre mandre mandre left review comments

@Fedosin Fedosin Fedosin left review comments

@jhixson74 jhixson74 Awaiting requested review from jhixson74

@jstuever jstuever Awaiting requested review from jstuever

Assignees

@dulek dulek

@mandre mandre

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged. platform/openstack size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@iamemilio @dulek @Fedosin @openshift-ci-robot @openshift-bot @mandre @wking @openshift-merge-robot