[
https://issues.apache.org/jira/browse/KNOX-3304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18075309#comment-18075309
]
Selvamohan Neethiraj commented on KNOX-3304:
--------------------------------------------
There are couple of issues with the PR:
# Docker image did not have curl command installed and failing some commands
to get certs from Amazon/LetsEncrypt.
# Lets Encrypt Cert names from Curl command are not matching with the import
statements.
# Keytool does not throw errors on stanard error stream (it is sending it to
stdout). So we have to redirect both stdout and stderr to the /dev/null.
I am attaching couple of patches that fixes these issue. Let me know if you can
review and add it. I have build the docker container and deployed in k8s env
and it works fine.
[^0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch]
[^0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch]
> Support for Openshift/SCC
> -------------------------
>
> Key: KNOX-3304
> URL: https://issues.apache.org/jira/browse/KNOX-3304
> Project: Apache Knox
> Issue Type: Task
> Components: docker
> Affects Versions: 2.1.0
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Attachments:
> 0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch,
> 0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> The current docker image that is generated does not work with Openshift and
> ECS platform due to restrictions imposed by the platforms. Specifically,
> there are two requirements
> # The helm chart that installs Knox image should use an arbitrary runAsUser
> # The helm chart should not have any runAsGroup and fsUserĀ
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
