Skip to content

*: Point at try.openshift.com for pull secrets #663

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 1, 2018
Merged

*: Point at try.openshift.com for pull secrets #663

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 1 addition & 5 deletions docs/dev/libvirt-howto.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,9 +41,6 @@ git clone https://github.com/openshift/installer.git
cd installer
```

### Get a pull secret
Go to https://account.coreos.com/ and obtain a *pull secret*.

### Make sure you have permissions for `qemu:///system`
You may want to grant yourself permissions to use libvirt as a non-root user. You could allow all users in the wheel group by doing the following:
```sh
Expand Down Expand Up @@ -226,13 +223,12 @@ Set `TAGS` when building if you need `destroy cluster` support for libvirt; this
TAGS=libvirt_destroy hack/build.sh
```

To avoid being prompted repeatedly, you can set [environment variables](../user/environment-variables.md) to reflect your libvirt choices. For example, selecting libvirt, setting [our earlier name choices](#pick-names), [our pull secret](#get-a-pull-secret), and telling both the installer and the machine-API operator to contact `libvirtd` at [the usual libvirt IP](#firewall), you can use:
To avoid being prompted repeatedly, you can set [environment variables](../user/environment-variables.md) to reflect your libvirt choices. For example, selecting libvirt, setting [our earlier name choices](#pick-names), and telling both the installer and the machine-API operator to contact `libvirtd` at [the usual libvirt IP](#firewall), you can use:

```sh
export OPENSHIFT_INSTALL_PLATFORM=libvirt
export OPENSHIFT_INSTALL_BASE_DOMAIN=tt.testing
export OPENSHIFT_INSTALL_CLUSTER_NAME=test1
export OPENSHIFT_INSTALL_PULL_SECRET_PATH=path/to/your/pull-secret.json
export OPENSHIFT_INSTALL_LIBVIRT_URI=qemu+tcp://192.168.122.1/system
```

Expand Down
2 changes: 1 addition & 1 deletion docs/user/environment-variables.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ The installer accepts a number of environment variable that allow the interactiv
Valid values are `aws` and `libvirt`.
* `OPENSHIFT_INSTALL_PULL_SECRET`:
The container registry pull secret for this cluster (e.g. `{"auths": {...}}`).
You can generate these secrets with the `podman login` command.
You can get this secret from [try.openshift.com](https://try.openshift.com).
* `OPENSHIFT_INSTALL_PULL_SECRET_PATH`:
As an alternative to `OPENSHIFT_INSTALL_SSH_PUB_KEY`, you can configure this variable with a path containing your pull secret.
* `OPENSHIFT_INSTALL_SSH_PUB_KEY`:
Expand Down
2 changes: 1 addition & 1 deletion pkg/asset/installconfig/pullsecret.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ func (a *pullSecret) Generate(asset.Parents) error {
&survey.Question{
Prompt: &survey.Input{
Message: "Pull Secret",
Help: "The container registry pull secret for this cluster, as a single line of JSON (e.g. {\"auths\": {...}}).",
Help: "The container registry pull secret for this cluster, as a single line of JSON (e.g. {\"auths\": {...}}).\n\nYou can get this secret from https://try.openshift.com",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

users were complaining https://github.com/openshift/installer/pull/663/files#diff-e88e63c9df89ea6d2969694596325266L44 was insufficient. now this is more obscure. We should add/point to some docs on getting the pull secret process.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

try.openshift.com is fairly tightly scoped to this. Not sure about the old account.coreos.com. I'll go through the process again and see if there's anything that seems non-obvious.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So here's what the try.openshift.com flow looks like:

login

secret

I don't know what text I could add to make that process easier, except that it would be nice if the secret was on a single line (I think @crawford has already asked for that) or if the web page suggested downloading the secret instead of copy/pasting it. Thoughts?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even the old process was 2 steps:
screenshot from 2018-11-16 12-53-45
screenshot from 2018-11-16 12-54-11

Users still kept asking us?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, the OpenShift version is certainly putting it more front-and-center ;). That should help. #677 and #691 were both suggesting a "register for a Tectonic plan" step. Is that still required for OpenShift? I'd expect try.openshift.com to be enough user input to get that information, but I'm not sure what the from-scratch flow looks like (presumably there's an accept-terms intermediate? Maybe more?). @smarterclayton, are there screenshots for a from-scratch registration somewhere?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

... but I'm not sure what the from-scratch flow looks like (presumably there's an accept-terms intermediate? Maybe more?).

So I just went through this with a different email address and GitHub auth, and there are two intermediate pages. The first is a form for personal information and term-acceptance:

form

The next is an email-confirmation page:

confirm

Clicking on the confirmation link in the email took me to the page I posted above, with the token front and center. So I don't think the new flow has anything like the old flow's "register for a Tectonic plan" step. Is that enough to back up the text I have here now? If not, what additional text would you like to see?

},
Validate: survey.ComposeValidators(survey.Required, func(ans interface{}) error {
return validate.JSON([]byte(ans.(string)))
Expand Down