Closed Knickkennedy closed 1 year ago
Please add a md file for the SSP recipe as well in the docs folder.
Please add a md file for the SSP recipe as well in the docs folder.
Fixed
@Knickkennedy, in the recipe md file, can we provide the oc cmd for the user to retrieve the SSP URL and list the default credentials from the env file. Otherwise it looks good.
@hollisc added default credentials and route command!
This PR depends on merge of https://github.com/cloud-native-toolkit/multi-tenancy-gitops-services/pull/61
Just some comments on the documentation - maybe @Knickkennedy can put those in before the merge:
ibmc-file-silver
- You mentioned that this should be RWO per docs, but the template and storageclass you use are RWX and File Your run-setup.sh has an error that the kubeseal output is going to the terminal instead of a YAML file.
Here is the run-setup.sh that I use and working: https://github.com/vbudi-gitops-test/multi-tenancy-gitops-services/blob/master/instances/sterling-secure-proxy-setup/run-setup.sh
Another - the list in SCC volumes should be alphabetical - otherwise it will show as OOS
Several more:
pod/ibm-ssp-cm-ibm-ssp-cm-0 condition met
Defaulted container "ibm-ssp-cm-ibm-ssp-cm" out of: ibm-ssp-cm-ibm-ssp-cm, ibm-ssp-cm-ibm-ssp-cm-init-secret (init)
WARNING: cannot use rsync: rsync not available in container
Defaulted container "ibm-ssp-cm-ibm-ssp-cm" out of: ibm-ssp-cm-ibm-ssp-cm, ibm-ssp-cm-ibm-ssp-cm-init-secret (init)
tar: defkeyCert.txt: Cannot stat: Permission denied
tar: Exiting with failure status due to previous errors
error: error creating remote tar of source directory: command terminated with exit code 2
error: error reading ./tmp/defkeyCert.txt: no such file or directory
error: no objects passed to apply
Hook job does not work - my modified version is here (and it works) https://github.com/vbudi-gitops-test/multi-tenancy-gitops-services/blob/master/instances/sterling-secure-proxy-hook/keycert-hook-job.yaml maybe can use this one - the problem that I found is the cm sts is using group 1000, so it cannot access the PVC as is with oc rsync or oc cp; and as the pvc is RWX, you can just mount it
All pods are running, but the last verification steps to connect to CM cant get through; the cm sts logs has this:
Exception in thread "qtp432306461-24" java/lang/NoClassDefFoundError: com.ibm.oti.util.Msg
at java/lang/ThreadGroup.uncaughtException (ThreadGroup.java:867)
at java/lang/ThreadGroup.uncaughtException (ThreadGroup.java:861)
at java/lang/Thread.uncaughtException (Thread.java:1336)
Summary:
can this be merged? anyone test recently? @hollisc @vbudi000
can this be merged? anyone test recently? @hollisc @vbudi000
can this be merged? anyone test recently? @hollisc @vbudi000
@Knickkennedy , can you please have a look at Budi's comments above, I believe we were waiting for those changes to get into the PR before merging.
@Knickkennedy @hollisc following up - can this be merged?
Signed-off-by: Knicholas Kennedy Knicholas.Kennedy@ibm.com
This is a pretty comprehensive cleanup and rework of the gitops configuration for the SSP containerized deployment.