[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: okd web console custom SSL certificate



Hi,

You mean that using OpenShift 4.x it would be easier to change web
console certificates even if that would be installed from binaries?
Or it's just advise to use latest version + installation using ansible
playbooks?

> Hi,
>
> If you can I'd recommend OpenShift 4.x, however, if you want to stay
> on 3.11, then I'd recommend an ansible based install. It is much more
> configurable than oc cluster up.  
>
> There is an "all-in-one" inventory where it's just a single
> node. https://github.com/openshift/openshift-ansible/blob/release-3.11/inventory/hosts.localhost
>
> That way you can let ansible install the certificates and configure
> the master-config for you, and it will be a lot more repeatable.
>
> Cheers,
>
> Joel
>
> On Tue, 24 Mar 2020 at 02:33, mcom <mcom mcompany pl
> <mailto:mcom mcompany pl>> wrote:
>
>     Hello,
>
>     Maybe you can give me some hint as I've just stucked with okd web
>     console custom SSL certificate.I have all in one openshift cluster
>     (ubuntu 18, downloaded
>     https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-server-v3.11.0-0cbc58b-linux-64bit.tar.gz
>     and started by oc cluster up --public-hostname="myip" ); I was
>     trying to
>     follow 
>     https://docs.openshift.com/container-platform/3.11/install_config/certificate_customization.html
>     by making changes (in my case) in
>     openshift.local.clusterup/kube-apiserver/master-config.yaml but so for
>     with no luck (despite that it's not logical if I change
>     certificate for
>     API then it load my certificate but whole cluster cannot start
>     which is
>     logical as certificate doesn't include 127.0.0.1; when I change
>     certificate for web console (which should be correct) nothing happen -
>     cluster starts but with it's own self-generated certificate instead of
>     my own); I don't have inventory file so I could run ansible playbooks
>     but as far I'm concern working directly on master-config should be
>     also
>     possible (or maybe I'm wrong) - could you give me some hint (my OS is
>     ubuntu - not centos so many documentation cannot be directly applied
>     along with ansible playbooks as even paths are not the same)
>
>     -- 
>     MCOM Wojciech Matys
>     Doradztwo IT & Rozwiazania Sieciowe
>     tel. +48 604915987
>     e-mail: mcom mcompany pl <mailto:mcom mcompany pl>
>
>     _______________________________________________
>     users mailing list
>     users lists openshift redhat com
>     <mailto:users lists openshift redhat com>
>     http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>

-- 
MCOM Wojciech Matys
Doradztwo IT & Rozwiazania Sieciowe
tel. +48 604915987
e-mail: mcom mcompany pl


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]