Details
-
Page
-
Resolution: Done
-
Major
-
None
-
None
-
1
Description
with multiple root ca's support coming out there are a few bits of documentation that potentially need updating.
Particularly:
https://docs.couchbase.com/operator/current/howto-tls.html#couchbase-cluster-configuration is documenting the "cert-manager" style secret and not a `kubernetes.io/tls` secret.
if setting a `kubernetes.io/tls` secret
then 2 secrets are required
$ kubectl create secret generic couchbase-server-tls \
--from-file example/tls/certs/tls.crt \
--from-file example/tls/certs/tls.key
and
$ kubectl create secret generic couchbase-server-tls-ca \
--from-file example/tls/cert/ca/tls.crt
set into secretSource and rootCAs respectively
We may also need to potentially clarify that rootCAs can't be used for XDCR and LDAP ca certs. (Since the DAC still expects them)
https://docs-staging.couchbase.com/operator/2.3/tutorial-rbac-auth.html#create-and-authorize-a-user
the yaml for CouchbaseGroup is now invalid. we've migrated from `scopes` to `scopes.resources` at some point.