I'm wanting to allow external access to the openshift registry, but am
finding that the SSL certificates used are self-signed and so not
trusted. And they do not include the public hostname of the registry so
seem to be only suitable for access within the cluster.
Is there a mechanism for creating a public route for the registry and
providing trusted certs in the ansible installer along the lines of the
'openshift_master_named_certificates' property in the inventory file
that handles this for the master API and console.
I know there are manual steps described [1] for doing this but these
seem quite involved and not that easy to automate.
Note: this would need to handle the routes for both the registry and the
registry console.
Note: we are currently stuck on version 3.7, but imagine this applies to
more recent versions too.
[1]
https://docs.okd.io/3.7/install_config/registry/securing_and_exposing_registry.html#exposing-the-registry
_______________________________________________
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users