[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

trusted certs for registry

I'm wanting to allow external access to the openshift registry, but am finding that the SSL certificates used are self-signed and so not trusted. And they do not include the public hostname of the registry so seem to be only suitable for access within the cluster.

Is there a mechanism for creating a public route for the registry and providing trusted certs in the ansible installer along the lines of the 'openshift_master_named_certificates' property in the inventory file that handles this for the master API and console.

I know there are manual steps described [1] for doing this but these seem quite involved and not that easy to automate.

Note: this would need to handle the routes for both the registry and the registry console. Note: we are currently stuck on version 3.7, but imagine this applies to more recent versions too.

[1] https://docs.okd.io/3.7/install_config/registry/securing_and_exposing_registry.html#exposing-the-registry

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]