Ah thanks! oc cluster up picked it up for me. I guess I need to use the --public-hostname option to override it?
On Mon, Dec 11, 2017 at 3:10 PM, Clayton Coleman <ccoleman redhat com> wrote:When you ran oc cluster up, did you explicitly set the master to run on 127.0.0.1, or did it select that address for you?OAuth won’t work when the master is set to 127.0.0.1 (nor will a number of other functions)
On Dec 11, 2017, at 6:38 AM, Simon Pasquier <spasquie redhat com> wrote:Hi,I've played with oauth-proxy  on my local OpenShift cluster (eg oc cluster up). The first thing I've tried was the sidecar example  in the contrib directory but to make it work, I had to tweak the CLI arguments of the proxy. In practice, I've added the following options:--redeem-url="">https://openshift
.default.svc/oauth/token--validate-url="">https://openshi ft.default.svc/apis/user.~ openshift.io/v1/users/--openshift-review-url="">https:/ /openshift.default.svc/apis/au thorization.openshift.io/v1/su bjectaccessreviews(the last one is only required to use openshift-sar)Without these changes, the oauth proxy couldn't authenticate clients because there is a discrepancy between the OAuth endpoints exposed by the Openshift API and the public certificate (see oauth logs at ).Is that expected? Did I miss some documentation?Thanks!Simon______________________________ _________________
users mailing list
users lists openshift redhat c