Align subject in the key pair to be the same as the documentation

[patrocinio]

The https-nginx/Makefile refers to subject as "/CN=nginxsvc/O=nginxsvc" while the documentation at the "Securing the Service" section expects it to be "/CN=my-nginx/O=my-nginx"

So if we run using the Makefile instead of the manual process doumented below, the service creation fails.

This PR aligns the subject in the openssl command with the documentation.

It addresses https://github.com/kubernetes/website/issues/34322

Signed-off-by: Eduardo Patrocinio epatro@gmail.com

[k8s-ci-robot]

Welcome @patrocinio!

It looks like this is your first PR to kubernetes/examples 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/examples has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. :smiley:

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: patrocinio To complete the pull request process, please assign sebgoa after the PR has been reviewed. You can assign the PR to them by writing /assign @sebgoa in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes/examples/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[patrocinio]

/assign @sebgoa

[Shubham82]

Hi @patrocinio we can't change it. Actually, when we use nginx https example we use the service having the name nginxsvc, See nginx-app.yaml file which use to create service and ReplicationController. And when we do it manually we use the service having the name my-nginx. I checked both nginx https example it's working fine.

[Shubham82]

one error that I faced during the investigation it is on creating keys and certs manually which is mentioned in the docs:

$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /d/tmp/nginx.key -out /d/tmp/nginx.crt -subj "/CN=my-nginx/O=my-nginx" Generating a RSA private key .....................................................................+++++ ...................................................+++++ writing new private key to '/d/tmp/nginx.key' req: Can't open "/d/tmp/nginx.key" for writing, No such file or directory

Instead of /d/tmp we should use /tmp directory for a smooth process.

[patrocinio]

Hello @sebgoa

When I follow the Makefile version, it fails to let me test the https connection, as it is registering as nginxsvc. The only way it worked for me was to follow the README, and registering as my-nginx.

I understand the change might be bigger than updating the Makefile command, as it is being used in the other files in. that example/directory. I also thought about changing the documentation, but that would require language translations.

Thanks

[patrocinio]

Hello @Shubham82

have you tried to run the example using the Makefile? When I do that, it fails for me, and I need to follow the alternate path described in the documentation to make it work.

Thanks

[Shubham82]

Hi @patrocinio I tried the example in which keys and certs are created using the Makefile followed by steps mentioned in README.md.

In docs the manual steps start from here:

Following are the manual steps to follow in case you run into problems running make (on windows for example)

I think we have to remove the content of nginx https example i.e making keys, certs using Makefile, secrets, and configmap from the docs (before the manual steps). because I think it creates confusion for the readers.

[patrocinio]

Hello @Shubham82 I agree. Asking the user to follow the Makefile and see it failing, then to follow the manual process is confusing. I'll create a new PR for the docs to remove the Makefile step. Thanks

[patrocinio]

I created a new PR in the Kubernetes/website repository https://github.com/kubernetes/website/pull/34567 to modify the documentation. With that, I can disregard this PR