summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEvgeny <eli@mirantis.com>2019-02-25 12:18:25 -0800
committerKaspars Skels <kaspars.skels@gmail.com>2019-02-28 00:07:39 +0000
commit0aac1554ccfab7ebea8294a9f5916d96ea7935a6 (patch)
tree569b900b6d7443b8c603a8710962238efec0cea6
parentefae9cd97feb47c6826006d27e3dc4b6a51485a8 (diff)
Update docs to clarify certificates requirements
During the initial configuration it's required to configure a set of valid certificates for ingress. Make it more explicit so people don't miss this step. Change-Id: Ie6477f934688467b7d5dfe1cc8191f6acff29a21
Notes
Notes (review): Code-Review+2: Kaspars Skels <kaspars.skels@gmail.com> Code-Review+1: Vladyslav Drok <vdrok@mirantis.com> Code-Review+2: Craig Anderson <craig.anderson@att.com> Workflow+1: Kaspars Skels <kaspars.skels@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Thu, 28 Feb 2019 02:37:20 +0000 Reviewed-on: https://review.openstack.org/639185 Project: openstack/airship-treasuremap Branch: refs/heads/master
-rw-r--r--doc/source/authoring_and_deployment.rst11
-rw-r--r--site/airship-seaworthy/secrets/certificates/ingress.yaml4
2 files changed, 13 insertions, 2 deletions
diff --git a/doc/source/authoring_and_deployment.rst b/doc/source/authoring_and_deployment.rst
index 86ad0e5..e1e883e 100644
--- a/doc/source/authoring_and_deployment.rst
+++ b/doc/source/authoring_and_deployment.rst
@@ -351,6 +351,17 @@ with random generated ones:
351 351
352 python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))" 352 python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))"
353 353
354Configure certificates in ``site/${NEW_SITE}/secrets/certificates/ingress.yaml``,
355they need to be issued for domain configured in a section ``data.dns.ingress_domain``
356of a file ``./site/${NEW_SITE}/networks/common-addresses.yaml``. A list of endpoints
357which will be used with these certificates can be found in the following file
358``./site/${NEW_SITE}/software/config/endpoints.yaml``.
359
360.. caution::
361
362 It's required to configure valid certificates, self-signed certificates
363 are not supported.
364
354Manifest linting and combining layers 365Manifest linting and combining layers
355~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 366~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
356 367
diff --git a/site/airship-seaworthy/secrets/certificates/ingress.yaml b/site/airship-seaworthy/secrets/certificates/ingress.yaml
index ce475d4..b799fdb 100644
--- a/site/airship-seaworthy/secrets/certificates/ingress.yaml
+++ b/site/airship-seaworthy/secrets/certificates/ingress.yaml
@@ -1,7 +1,7 @@
1--- 1---
2# Example manifest for ingress cert. 2# Example manifest for ingress cert.
3# Shall be replaced with proper/valid set. 3# NEWSITE-CHANGEME: must be replaced with proper/valid set,
4# Self-signed certs are not supported. 4# self-signed certs are not supported.
5metadata: 5metadata:
6 layeringDefinition: 6 layeringDefinition:
7 abstract: false 7 abstract: false