[WIP] PROD-615-proxy-enablement #16392

bmcelvee · 2019-08-26T21:17:58Z

https://jira.coreos.com/browse/OSDOCS-468

openshift-docs-preview-bot · 2019-08-26T21:20:34Z

The preview will be available shortly at:

https://PROD-615-proxy-enablement--ocpdocs.netlify.com/

danehans · 2019-08-28T23:28:13Z

installing/install_config/enable-cluster-wide-proxy.adoc

+    name: ""
+status:
+----
+


@bmcelvee currently enable-cluster-wide-proxy.adoc provides guidance on how to modify a cluster to enable proxy, but not how to create a cluster with proxy enabled. Do you mind using some of the references I provided here to expand enable-cluster-wide-proxy.adoc or create a new doc that provides the steps for creating a new cluster with proxy enabled?

I think we'll need a separate assembly to cover the installation with proxy piece. @bmcelvee, I might have time to make that next week.

danehans · 2019-08-28T23:33:48Z

I think it would be beneficial to add a proxy section under networking that leverages the details of this doc. I think it's important for people to understand what the controllers do, which operator runs the controller, how the CA injection stuff works, etc..

danehans · 2019-08-30T18:58:09Z

modules/installation-proxy-configure-object.adoc

+  selfLink: /apis/config.openshift.io/v1/proxies/cluster
+  uid: <user ID string>
+spec:
+  httpProxy: http://admin:admin@35.196.128.173:3128


Please change so the doc is not referencing our test proxy.

danehans · 2019-08-30T18:58:15Z

modules/installation-proxy-configure-object.adoc

+  uid: <user ID string>
+spec:
+  httpProxy: http://admin:admin@35.196.128.173:3128
+  httpsProxy: https://admin:admin@35.231.5.161:3128


Please change so the doc is not referencing our test proxy.

danehans · 2019-08-30T18:58:20Z

modules/installation-proxy-configure-object.adoc

+  trustedCA:
+    name: user-ca-bundle
+status:
+  httpProxy: http://admin:admin@35.196.128.173:3128


Please change so the doc is not referencing our test proxy.

danehans · 2019-08-30T18:58:24Z

modules/installation-proxy-configure-object.adoc

+    name: user-ca-bundle
+status:
+  httpProxy: http://admin:admin@35.196.128.173:3128
+  httpsProxy: https://admin:admin@35.231.5.161:3128


Please change so the doc is not referencing our test proxy.

danehans · 2019-09-03T17:29:21Z

@bmcelvee due to https://bugzilla.redhat.com/show_bug.cgi?id=1743174, a docs note is needed stating: The install config machineCIDR directive is used to bypass proxy for internal cluster connections. For deployments such as bare-metal that do not use machineCIDR, one of the following steps should be completed for proxy to function properly:

Cluster node IP's should be assigned from machineCIDR.
machineCIDR should be updated to reflect the CIDR being used for cluster nodes
Add cluster node IPs or CIDR to noProxy of proxy "cluster".

This might be a good place for the docs note. However, the example install config provided does not include a machineCIDR. Here is my install-config:

$ cat latest-proxy/install-config.yaml 
apiVersion: v1
baseDomain: devcluster.openshift.com
compute:
- hyperthreading: Enabled
  name: worker
  platform: {}
  replicas: 3
controlPlane:
  hyperthreading: Enabled
  name: master
  platform: {}
  replicas: 3
metadata:
  creationTimestamp: null
  name: latest-proxy
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  machineCIDR: 10.0.0.0/16
  networkType: OpenShiftSDN
  serviceNetwork:
  - 172.30.0.0/16
platform:
  aws:
    region: us-west-2
pullSecret: <PULL_SECRET>
sshKey: |
  ssh-rsa <SSH_KEY>

bergerhoffer · 2019-09-12T01:08:29Z

Closing this PR in favor of #16562.

bmcelvee added the branch/enterprise-4.2 label Aug 26, 2019

bmcelvee added this to the Future Release milestone Aug 26, 2019

openshift-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 26, 2019

danehans reviewed Aug 28, 2019

View reviewed changes

danehans reviewed Aug 30, 2019

View reviewed changes

PROD-615-proxy-enablement

e9b3e6c

bmcelvee force-pushed the PROD-615-proxy-enablement branch from e905816 to e9b3e6c Compare September 5, 2019 20:06

bergerhoffer mentioned this pull request Sep 10, 2019

PROD-615-proxy-enablement #16562

Merged

bergerhoffer closed this Sep 12, 2019

vikram-redhat removed the branch/enterprise-4.2 label Sep 23, 2019

vikram-redhat removed this from the Future Release milestone Sep 23, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[WIP] PROD-615-proxy-enablement #16392

[WIP] PROD-615-proxy-enablement #16392

bmcelvee commented Aug 26, 2019

openshift-docs-preview-bot commented Aug 26, 2019

danehans Aug 28, 2019

kalexand-rh Sep 5, 2019

danehans commented Aug 28, 2019

danehans Aug 30, 2019

danehans Aug 30, 2019

danehans Aug 30, 2019

danehans Aug 30, 2019

danehans commented Sep 3, 2019 •

edited

bergerhoffer commented Sep 12, 2019

[WIP] PROD-615-proxy-enablement #16392

[WIP] PROD-615-proxy-enablement #16392

Conversation

bmcelvee commented Aug 26, 2019

openshift-docs-preview-bot commented Aug 26, 2019

danehans Aug 28, 2019

Choose a reason for hiding this comment

kalexand-rh Sep 5, 2019

Choose a reason for hiding this comment

danehans commented Aug 28, 2019

danehans Aug 30, 2019

Choose a reason for hiding this comment

danehans Aug 30, 2019

Choose a reason for hiding this comment

danehans Aug 30, 2019

Choose a reason for hiding this comment

danehans Aug 30, 2019

Choose a reason for hiding this comment

danehans commented Sep 3, 2019 • edited

bergerhoffer commented Sep 12, 2019

danehans commented Sep 3, 2019 •

edited