Merge "Update admin tasks folder"
This commit is contained in:
commit
d95d23373d
@ -16,7 +16,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-list [--nowrap]
|
~(keystone_admin)]$ system application-list [--nowrap]
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
@ -27,7 +27,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-list --nowrap
|
~(keystone_admin)]$ system application-list --nowrap
|
||||||
|
|
||||||
+-------------+---------+---------------+---------------+----------+-----------+
|
+-------------+---------+---------------+---------------+----------+-----------+
|
||||||
| application | version | manifest name | manifest file | status | progress |
|
| application | version | manifest name | manifest file | status | progress |
|
||||||
@ -43,7 +43,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-show <app_name>
|
~(keystone_admin)]$ system application-show <app_name>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
@ -54,7 +54,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-show stx-openstack
|
~(keystone_admin)]$ system application-show stx-openstack
|
||||||
|
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
@ -75,7 +75,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-upload [-n | --app-name] <app_name> [-v | --version] <version> <tar_file>
|
~(keystone_admin)]$ system application-upload [-n | --app-name] <app_name> [-v | --version] <version> <tar_file>
|
||||||
|
|
||||||
where the following are optional arguments:
|
where the following are optional arguments:
|
||||||
|
|
||||||
@ -95,7 +95,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-upload stx-openstack-1.0-18.tgz
|
~(keystone_admin)]$ system application-upload stx-openstack-1.0-18.tgz
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
@ -117,7 +117,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-list
|
~(keystone_admin)]$ system helm-override-list
|
||||||
usage: system helm-override-list [--nowrap] [-l | --long] <app_name>
|
usage: system helm-override-list [--nowrap] [-l | --long] <app_name>
|
||||||
|
|
||||||
where the following is a positional argument:
|
where the following is a positional argument:
|
||||||
@ -137,7 +137,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-list stx-openstack --long
|
~(keystone_admin)]$ system helm-override-list stx-openstack --long
|
||||||
+---------------------+--------------------------------+---------------+
|
+---------------------+--------------------------------+---------------+
|
||||||
| chart name | overrides namespaces | chart enabled |
|
| chart name | overrides namespaces | chart enabled |
|
||||||
+---------------------+--------------------------------+---------------+
|
+---------------------+--------------------------------+---------------+
|
||||||
@ -176,7 +176,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-show
|
~(keystone_admin)]$ system helm-override-show
|
||||||
usage: system helm-override-show <app_name> <chart_name> <namespace>
|
usage: system helm-override-show <app_name> <chart_name> <namespace>
|
||||||
|
|
||||||
where the following are positional arguments:
|
where the following are positional arguments:
|
||||||
@ -194,7 +194,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-show stx-openstack glance openstack
|
~(keystone_admin)]$ system helm-override-show stx-openstack glance openstack
|
||||||
|
|
||||||
- To modify service configuration parameters using user-specified overrides,
|
- To modify service configuration parameters using user-specified overrides,
|
||||||
use the following command. To update a single configuration parameter, you
|
use the following command. To update a single configuration parameter, you
|
||||||
@ -203,7 +203,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-update
|
~(keystone_admin)]$ system helm-override-update
|
||||||
usage: system helm-override-update <app_name> <chart_name> <namespace> --reuse-values --reset-values --values <file_name> --set <commandline_overrides>
|
usage: system helm-override-update <app_name> <chart_name> <namespace> --reuse-values --reset-values --values <file_name> --set <commandline_overrides>
|
||||||
|
|
||||||
where the following are positional arguments:
|
where the following are positional arguments:
|
||||||
@ -241,7 +241,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-update stx-openstack glance openstack --set conf.glance.DEFAULT.DEBUG=true
|
~(keystone_admin)]$ system helm-override-update stx-openstack glance openstack --set conf.glance.DEFAULT.DEBUG=true
|
||||||
+----------------+-------------------+
|
+----------------+-------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
+----------------+-------------------+
|
+----------------+-------------------+
|
||||||
@ -267,7 +267,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-chart-attribute-modify [--enabled <true/false>] <app_name> <chart_name> <namespace>
|
~(keystone_admin)]$ system helm-chart-attribute-modify [--enabled <true/false>] <app_name> <chart_name> <namespace>
|
||||||
|
|
||||||
where the following is an optional argument:
|
where the following is an optional argument:
|
||||||
|
|
||||||
@ -293,7 +293,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-delete
|
~(keystone_admin)]$ system helm-override-delete
|
||||||
usage: system helm-override-delete <app_name> <chart_name> <namespace>
|
usage: system helm-override-delete <app_name> <chart_name> <namespace>
|
||||||
|
|
||||||
where the following are positional arguments:
|
where the following are positional arguments:
|
||||||
@ -311,7 +311,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system helm-override-delete stx-openstack glance openstack
|
~(keystone_admin)]$ system helm-override-delete stx-openstack glance openstack
|
||||||
Deleted chart overrides glance:openstack for application stx-openstack
|
Deleted chart overrides glance:openstack for application stx-openstack
|
||||||
|
|
||||||
- Use the following command to apply or reapply an application, making it
|
- Use the following command to apply or reapply an application, making it
|
||||||
@ -319,7 +319,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-apply [-m | --mode] <mode> <app_name>
|
~(keystone_admin)]$ system application-apply [-m | --mode] <mode> <app_name>
|
||||||
|
|
||||||
where the following is an optional argument:
|
where the following is an optional argument:
|
||||||
|
|
||||||
@ -337,7 +337,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-apply stx-openstack
|
~(keystone_admin)]$ system application-apply stx-openstack
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
@ -358,7 +358,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-abort <app_name>
|
~(keystone_admin)]$ system application-abort <app_name>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
@ -369,7 +369,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-abort stx-openstack
|
~(keystone_admin)]$ system application-abort stx-openstack
|
||||||
Application abort request has been accepted. If the previous operation has not
|
Application abort request has been accepted. If the previous operation has not
|
||||||
completed/failed, it will be cancelled shortly.
|
completed/failed, it will be cancelled shortly.
|
||||||
|
|
||||||
@ -381,7 +381,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-update [-n | --app-name] <app_name> [-v | --app-version] <version> <tar_file>
|
~(keystone_admin)]$ system application-update [-n | --app-name] <app_name> [-v | --app-version] <version> <tar_file>
|
||||||
|
|
||||||
where the following are optional arguments:
|
where the following are optional arguments:
|
||||||
|
|
||||||
@ -393,7 +393,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-list
|
~(keystone_admin)]$ system application-list
|
||||||
+--------------------------+----------+-------------------------------+---------------------------+----------+-----------+
|
+--------------------------+----------+-------------------------------+---------------------------+----------+-----------+
|
||||||
| application | version | manifest name | manifest file | status | progress |
|
| application | version | manifest name | manifest file | status | progress |
|
||||||
+--------------------------+----------+-------------------------------+---------------------------+----------+-----------+
|
+--------------------------+----------+-------------------------------+---------------------------+----------+-----------+
|
||||||
@ -423,7 +423,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-remove <app_name>
|
~(keystone_admin)]$ system application-remove <app_name>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
@ -434,7 +434,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-remove stx-openstack
|
~(keystone_admin)]$ system application-remove stx-openstack
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
+---------------+----------------------------------+
|
+---------------+----------------------------------+
|
||||||
@ -458,7 +458,7 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-delete <app_name>
|
~(keystone_admin)]$ system application-delete <app_name>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
@ -471,5 +471,5 @@ commands to manage containerized applications provided as part of |prod|.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system application-delete stx-openstack
|
~(keystone_admin)]$ system application-delete stx-openstack
|
||||||
Application stx-openstack deleted.
|
Application stx-openstack deleted.
|
@ -21,7 +21,7 @@ associated space from the file system. To do so, you must also run the
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system registry-image-list
|
~(keystone_admin)]$ system registry-image-list
|
||||||
+------------------------------------------------------+
|
+------------------------------------------------------+
|
||||||
| Image Name |
|
| Image Name |
|
||||||
+------------------------------------------------------+
|
+------------------------------------------------------+
|
||||||
@ -46,13 +46,13 @@ associated space from the file system. To do so, you must also run the
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system registry-image-tags <imageName>
|
~(keystone_admin)]$ system registry-image-tags <imageName>
|
||||||
|
|
||||||
#. Free file system space.
|
#. Free file system space.
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system registry-image-delete <imageName>:<tagName>
|
~(keystone_admin)]$ system registry-image-delete <imageName>:<tagName>
|
||||||
|
|
||||||
This step only removes the registry's reference to the **image:tag**.
|
This step only removes the registry's reference to the **image:tag**.
|
||||||
|
|
||||||
@ -75,7 +75,7 @@ associated space from the file system. To do so, you must also run the
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system registry-garbage-collect
|
~(keystone_admin)]$ system registry-garbage-collect
|
||||||
Running docker registry garbage collect
|
Running docker registry garbage collect
|
||||||
|
|
||||||
.. note::
|
.. note::
|
||||||
|
@ -11,50 +11,58 @@ The local Docker registry provides secure HTTPS access using the registry API.
|
|||||||
.. rubric:: |context|
|
.. rubric:: |context|
|
||||||
|
|
||||||
By default a self-signed certificate is generated at installation time for the
|
By default a self-signed certificate is generated at installation time for the
|
||||||
registry API. For more secure access, a Root CA-signed certificate is strongly
|
registry API. For more secure access, an intermediate or Root CA-signed
|
||||||
recommended.
|
certificate is strongly recommended.
|
||||||
|
|
||||||
The Root CA-signed certificate for the registry must have at least the
|
The intermediate or Root CA-signed certificate for the registry must have at
|
||||||
following |SANs|: DNS:registry.local,DNS:registry.central,
|
least the following |SANs|: DNS:registry.local, DNS:registry.central, IP
|
||||||
IP Address:<oam-floating-ip-address>, IP Address:<mgmt-floating-ip-address>.
|
Address:<oam-floating-ip-address>, IP Address:<mgmt-floating-ip-address>. Use
|
||||||
Use the :command:`system addrpool-list` command to get the |OAM| floating IP
|
the :command:`system addrpool-list` command to get the |OAM| floating IP
|
||||||
Address and management floating IP Address for your system. You can add any
|
Address and management floating IP Address for your system. You can add any
|
||||||
additional DNS entry\(s\) that you have set up for your OAM floating IP Address.
|
additional |DNS| entry\(s\) that you have set up for your |OAM| floating IP
|
||||||
|
Address.
|
||||||
|
|
||||||
Use the following procedure to install a Root CA-signed certificate to either
|
Use the following procedure to install an intermediate or Root CA-signed
|
||||||
replace the default self-signed certificate or to replace an expired or soon to
|
certificate to either replace the default self-signed certificate or to replace
|
||||||
expire certificate.
|
an expired or soon to expire certificate.
|
||||||
|
|
||||||
.. rubric:: |prereq|
|
.. rubric:: |prereq|
|
||||||
|
|
||||||
Obtain a Root CA-signed certificate and key from a trusted Root Certificate
|
Obtain an intermediate or Root CA-signed certificate and key from a trusted
|
||||||
Authority \(CA\). Refer to the documentation for the external Root CA that you
|
intermediate or Root Certificate Authority \(CA\). Refer to the documentation
|
||||||
are using, on how to create public certificate and private key pairs, signed by
|
for the external Root CA that you are using, on how to create public
|
||||||
a Root CA, for HTTPS.
|
certificate and private key pairs, signed by an intermediate or Root CA, for
|
||||||
|
HTTPS.
|
||||||
|
|
||||||
.. xreflink For lab purposes, see |sec-doc|: :ref:`Locally Creating Certificates <creating-certificates-locally-using-openssl>` to create a test Root CA certificate and key, and use it to sign test certificates.
|
.. xreflink For lab purposes, see |sec-doc|: :ref:`Locally Creating
|
||||||
|
Certificates <creating-certificates-locally-using-openssl>` to create a
|
||||||
|
Intermediate or test Root CA certificate and key, and use it to sign test
|
||||||
|
certificates.
|
||||||
|
|
||||||
Put the Privacy Enhanced Mail \(PEM\) encoded versions of the certificate and
|
Put the Privacy Enhanced Mail \(PEM\) encoded versions of the certificate and
|
||||||
key in a single file, and copy the file to the controller host.
|
key in a single file, and copy the file to the controller host.
|
||||||
|
|
||||||
Also obtain the certificate of the Root CA that signed the above certificate.
|
Also obtain the certificate of the intermediate or Root CA that signed the
|
||||||
|
above certificate.
|
||||||
|
|
||||||
.. rubric:: |proc|
|
.. rubric:: |proc|
|
||||||
|
|
||||||
|
.. _installing-updating-the-docker-registry-certificate-d271e71:
|
||||||
|
|
||||||
#. In order to enable internal use of the Docker registry certificate, update
|
#. In order to enable internal use of the Docker registry certificate, update
|
||||||
the trusted CA list for this system with the Root CA associated with the
|
the trusted CA list for this system with the Root CA associated with the
|
||||||
Docker registry certificate.
|
Docker registry certificate.
|
||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system certificate-install --mode ssl_ca <pathTocertificate>
|
~(keystone_admin)]$ system certificate-install --mode ssl_ca <pathTocertificate>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
**<pathTocertificate>**
|
**<pathTocertificate>**
|
||||||
|
|
||||||
is the path to the Root CA certificate associated with the Docker
|
is the path to the intermediate or Root CA certificate associated with the
|
||||||
registry Root CA-signed certificate.
|
Docker registry's intermediate or Root CA-signed certificate.
|
||||||
|
|
||||||
#. Update the Docker registry certificate using the
|
#. Update the Docker registry certificate using the
|
||||||
:command:`certificate-install` command.
|
:command:`certificate-install` command.
|
||||||
@ -63,11 +71,11 @@ Also obtain the certificate of the Root CA that signed the above certificate.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ system certificate-install --mode docker_registry <pathTocertificateAndKey>
|
~(keystone_admin)]$ system certificate-install --mode docker_registry <pathTocertificateAndKey>
|
||||||
|
|
||||||
where:
|
where:
|
||||||
|
|
||||||
**<pathTocertificateAndKey>**
|
**<pathTocertificateAndKey>**
|
||||||
|
|
||||||
is the path to the file containing both the Docker registry certificate
|
is the path to the file containing both the Docker registry's Intermediate
|
||||||
and private key to install.
|
or Root CA-signed certificate and private key to install.
|
||||||
|
@ -15,12 +15,26 @@ For example:
|
|||||||
|
|
||||||
$ docker login registry.local:9001 -u <keystoneUserName> -p <keystonePassword>
|
$ docker login registry.local:9001 -u <keystoneUserName> -p <keystonePassword>
|
||||||
|
|
||||||
An authorized administrator can perform any Docker action, while regular users
|
An authorized administrator \('admin' and 'sysinv'\) can perform any Docker
|
||||||
can only interact with their own repositories
|
action. Regular users can only interact with their own repositories \(i.e.
|
||||||
\(i.e. registry.local:9001/<keystoneUserName>/\). For example, only
|
registry.local:9001/<keystoneUserName>/\). Any authenticated user can pull from
|
||||||
**admin** and **testuser** accounts can push to or pull from
|
the following list of public images:
|
||||||
|
|
||||||
|
.. _kubernetes-admin-tutorials-authentication-and-authorization-d383e50:
|
||||||
|
|
||||||
|
- registry.local:9001:/public/\*
|
||||||
|
|
||||||
|
- registry.local:9001:/k8s.gcr.io/pause
|
||||||
|
|
||||||
|
- registry.local:9001:/quay.io/jetstack/cert-manager-acmesolver
|
||||||
|
|
||||||
|
The **mtce** user can only pull public images, but cannot push any images.
|
||||||
|
|
||||||
|
For example, only **admin** and **testuser** accounts can push to or pull from
|
||||||
**registry.local:9001/testuser/busybox:latest**
|
**registry.local:9001/testuser/busybox:latest**
|
||||||
|
|
||||||
|
.. _kubernetes-admin-tutorials-authentication-and-authorization-d383e87:
|
||||||
|
|
||||||
---------------------------------
|
---------------------------------
|
||||||
Username and Docker compatibility
|
Username and Docker compatibility
|
||||||
---------------------------------
|
---------------------------------
|
||||||
@ -32,6 +46,14 @@ example, the user **testuser** is correct in the following URL, while
|
|||||||
|
|
||||||
**registry.local:9001/testuser/busybox:latest**
|
**registry.local:9001/testuser/busybox:latest**
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
Use of the auto-generated self-signed certificate for the registry
|
||||||
|
certificate is not recommended. If you must do so, then from the central
|
||||||
|
cloud/systemController, access to the local registry can only be done using
|
||||||
|
registry.local:9001. registry.central:9001 will be inaccessible. Installing
|
||||||
|
a |CA|-signed certificate for the registry and the certificate of the |CA| as
|
||||||
|
an 'ssl\_ca' certificate will remove this restriction.
|
||||||
|
|
||||||
For more information about Docker commands, see
|
For more information about Docker commands, see
|
||||||
`https://docs.docker.com/engine/reference/commandline/docker/ <https://docs.docker.com/engine/reference/commandline/docker/>`__.
|
`https://docs.docker.com/engine/reference/commandline/docker/ <https://docs.docker.com/engine/reference/commandline/docker/>`__.
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ Use the following command to list the Helm repositories:
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ helm repo list
|
~(keystone_admin)]$ helm repo list
|
||||||
NAME URL
|
NAME URL
|
||||||
stable `https://kubernetes-charts.storage.googleapis.com`__
|
stable `https://kubernetes-charts.storage.googleapis.com`__
|
||||||
local `http://127.0.0.1:8879/charts`__
|
local `http://127.0.0.1:8879/charts`__
|
||||||
|
@ -26,6 +26,8 @@ information.
|
|||||||
CLI commands for managing the lifecycle of an application, which includes
|
CLI commands for managing the lifecycle of an application, which includes
|
||||||
managing overrides to the Helm charts within the application.
|
managing overrides to the Helm charts within the application.
|
||||||
|
|
||||||
|
.. _kubernetes-admin-tutorials-tarlingx-application-package-manager-d463e61:
|
||||||
|
|
||||||
.. table:: Table 1. Application Package Manager Commands
|
.. table:: Table 1. Application Package Manager Commands
|
||||||
:widths: auto
|
:widths: auto
|
||||||
|
|
||||||
|
@ -22,13 +22,13 @@ those images by sharing the registry/public user's credentials with other users.
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ openstack project create registry
|
~(keystone_admin)]$ openstack project create registry
|
||||||
~(keystone_admin)$ TENANTNAME="registry"
|
~(keystone_admin)]$ TENANTNAME="registry"
|
||||||
~(keystone_admin)$ TENANTID=`openstack project list | grep ${TENANTNAME} | awk '{print $2}'`
|
~(keystone_admin)]$ TENANTID=`openstack project list | grep ${TENANTNAME} | awk '{print $2}'`
|
||||||
~(keystone_admin)$ USERNAME="public"
|
~(keystone_admin)]$ USERNAME="public"
|
||||||
~(keystone_admin)$ USERPASSWORD="${USERNAME}K8*"
|
~(keystone_admin)]$ USERPASSWORD="${USERNAME}K8*"
|
||||||
~(keystone_admin)$ openstack user create --password ${USERPASSWORD} --project ${TENANTID} ${USERNAME}
|
~(keystone_admin)]$ openstack user create --password ${USERPASSWORD} --project ${TENANTID} ${USERNAME}
|
||||||
~(keystone_admin)$ openstack role add --project ${TENANTNAME} --user ${USERNAME} _member
|
~(keystone_admin)]$ openstack role add --project ${TENANTNAME} --user ${USERNAME} _member
|
||||||
|
|
||||||
#. Create a secret containing the credentials of the public repository in
|
#. Create a secret containing the credentials of the public repository in
|
||||||
kube-system namespace.
|
kube-system namespace.
|
||||||
|
@ -14,7 +14,7 @@ then run the following commands:
|
|||||||
|
|
||||||
.. code-block:: none
|
.. code-block:: none
|
||||||
|
|
||||||
~(keystone_admin)$ kubectl delete pod/cmk-uninstall-webhook -n kube-system
|
~(keystone_admin)]$ kubectl delete pod/cmk-uninstall-webhook -n kube-system
|
||||||
~(keystone_admin)$ kubectl delete ds cmk-uninstall -n kube-system
|
~(keystone_admin)]$ kubectl delete ds cmk-uninstall -n kube-system
|
||||||
~(keystone_admin)$ kubectl delete pod delete-uninstall -n kube-system
|
~(keystone_admin)]$ kubectl delete pod delete-uninstall -n kube-system
|
||||||
|
|
||||||
|
@ -19,11 +19,13 @@
|
|||||||
.. |CAs| replace:: :abbr:`CAs (Certificate Authorities)`
|
.. |CAs| replace:: :abbr:`CAs (Certificate Authorities)`
|
||||||
.. |CLI| replace:: :abbr:`CLI (Command Line Interface)`
|
.. |CLI| replace:: :abbr:`CLI (Command Line Interface)`
|
||||||
.. |CNI| replace:: :abbr:`CNI (Container Networking Interface)`
|
.. |CNI| replace:: :abbr:`CNI (Container Networking Interface)`
|
||||||
|
.. |CMK| replace:: :abbr:`CMK (CPU Manager for Kubernetes)`
|
||||||
.. |CoW| replace:: :abbr:`CoW (Copy on Write)`
|
.. |CoW| replace:: :abbr:`CoW (Copy on Write)`
|
||||||
.. |CSK| replace:: :abbr:`CSK (Code Signing Key)`
|
.. |CSK| replace:: :abbr:`CSK (Code Signing Key)`
|
||||||
.. |CSKs| replace:: :abbr:`CSKs (Code Signing Keys)`
|
.. |CSKs| replace:: :abbr:`CSKs (Code Signing Keys)`
|
||||||
.. |CVE| replace:: :abbr:`CVE (Common Vulnerabilities and Exposures)`
|
.. |CVE| replace:: :abbr:`CVE (Common Vulnerabilities and Exposures)`
|
||||||
.. |DHCP| replace:: :abbr:`DHCP (Dynamic Host Configuration Protocol)`
|
.. |DHCP| replace:: :abbr:`DHCP (Dynamic Host Configuration Protocol)`
|
||||||
|
.. |DNS| replace:: :abbr:`DNS (Domain Name System)`
|
||||||
.. |DPDK| replace:: :abbr:`DPDK (Data Plane Development Kit)`
|
.. |DPDK| replace:: :abbr:`DPDK (Data Plane Development Kit)`
|
||||||
.. |DRBD| replace:: :abbr:`DRBD (Distributed Replicated Block Device)`
|
.. |DRBD| replace:: :abbr:`DRBD (Distributed Replicated Block Device)`
|
||||||
.. |DSCP| replace:: :abbr:`DSCP (Differentiated Services Code Point)`
|
.. |DSCP| replace:: :abbr:`DSCP (Differentiated Services Code Point)`
|
||||||
|
Loading…
x
Reference in New Issue
Block a user