Merge pull request #65486 from stevsmit/PROJQUAY-5146-OMR-update

jab-rh · web-flow · commit b707f07d1025 · 2023-10-09T12:37:27.000-04:00
Adds proc to update ssl tls keys and cert for OMR
diff --git a/installing/disconnected_install/installing-mirroring-creating-registry.adoc b/installing/disconnected_install/installing-mirroring-creating-registry.adoc
@@ -31,6 +31,7 @@ include::modules/mirror-registry-localhost.adoc[leveloffset=+1]
 include::modules/mirror-registry-localhost-update.adoc[leveloffset=+1]
 include::modules/mirror-registry-remote.adoc[leveloffset=+1]
 include::modules/mirror-registry-remote-host-update.adoc[leveloffset=+1]
+include::modules/mirror-registry-ssl-cert-replace.adoc[leveloffset=+1]
 include::modules/mirror-registry-uninstall.adoc[leveloffset=+1]
 include::modules/mirror-registry-flags.adoc[leveloffset=+1]
 include::modules/mirror-registry-release-notes.adoc[leveloffset=+1]
diff --git a/modules/mirror-registry-flags.adoc b/modules/mirror-registry-flags.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * installing/disconnected_install/installing-mirroring-installation-images.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 [id="mirror-registry-flags_{context}"]
 = Mirror registry for Red Hat OpenShift flags
diff --git a/modules/mirror-registry-localhost-update.adoc b/modules/mirror-registry-localhost-update.adoc
@@ -1,6 +1,6 @@
 // module included in the following assembly:
 //
-// * installing-mirroring-creating-registry.adoc
+// * /home/stevsmit/pp/openshift-docs/installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 :_content-type: PROCEDURE
 [id="mirror-registry-localhost-update_{context}"]
diff --git a/modules/mirror-registry-release-notes.adoc b/modules/mirror-registry-release-notes.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * installing/disconnected_install/installing-mirroring-installation-images.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 [id="mirror-registry-release-notes_{context}"]
 = Mirror registry for Red Hat OpenShift release notes
diff --git a/modules/mirror-registry-remote-host-update.adoc b/modules/mirror-registry-remote-host-update.adoc
@@ -1,6 +1,6 @@
 // module included in the following assembly:
 //
-// * installing-mirroring-creating-registry.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 :_content-type: PROCEDURE
 [id="mirror-registry-remote-host-update_{context}"]
diff --git a/modules/mirror-registry-remote.adoc b/modules/mirror-registry-remote.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * installing/disconnected_install/installing-mirroring-installation-images.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 :_content-type: PROCEDURE
 [id="mirror-registry-remote_{context}"]
diff --git a/modules/mirror-registry-ssl-cert-replace.adoc b/modules/mirror-registry-ssl-cert-replace.adoc
@@ -0,0 +1,62 @@
+// module included in the following assembly:
+//
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
+
+:_content-type: PROCEDURE
+[id="mirror-registry-ssl-cert-replace_{context}"]
+= Replacing mirror registry for Red Hat OpenShift SSL/TLS certificates 
+
+In some cases, you might want to update your SSL/TLS certificates for the the _mirror registry for Red Hat OpenShift_. This is useful in the following scenarios:
+
+* If you are replacing the current _mirror registry for Red Hat OpenShift_ certificate.
+* If you are using the same certificate as the previous _mirror registry for Red Hat OpenShift_ installation. 
+* If you are periodically updating the _mirror registry for Red Hat OpenShift_ certificate. 
+
+Use the following procedure to replace _mirror registry for Red Hat OpenShift_ SSL/TLS certificates.
+
+.Prerequisites 
+
+* You have downloaded the `./mirror-registry` binary from the link:https://console.redhat.com/openshift/downloads#tool-mirror-registry[OpenShift console *Downloads*] page. 
+
+.Procedure
+
+. Enter the following command to install the _mirror registry for Red Hat OpenShift_:
++
+[source,terminal]
+----
+$ ./mirror-registry install \
+--quayHostname <host_example_com> \
+--quayRoot <example_directory_name>
+----
++
+This installs the _mirror registry for Red Hat OpenShift_ to the `$HOME/quay-install` directory. 
+
+. Prepare a new certificate authority (CA) bundle and generate new `ssl.key` and `ssl.crt` key files. For more information, see link:https://access.redhat.com/documentation/en-us/red_hat_quay/3/html-single/deploy_red_hat_quay_for_proof-of-concept_non-production_purposes/index#introduction-using-ssl[Using SSL/TLS].
+
+. Assign `/$HOME/quay-install` an environment variable, for example, `QUAY`, by entering the following command:
++
+[source,terminal]
+----
+$ export QUAY=/$HOME/quay-install
+----
+
+. Copy the new `ssl.crt` file to the `/$HOME/quay-install` directory by entering the following command:
++
+[source,terminal]
+----
+$ cp ~/ssl.crt $QUAY/quay-config
+----
+
+. Copy the new `ssl.key` file to the `/$HOME/quay-install` directory by entering the following command:
++
+[source,terminal]
+----
+$ cp ~/ssl.key $QUAY/quay-config
+----
+
+. Restart the `quay-app` application pod by entering the following command:
++
+[source,terminal]
+----
+$ systemctl restart quay-app 
+----
diff --git a/modules/mirror-registry-troubleshooting.adoc b/modules/mirror-registry-troubleshooting.adoc
@@ -1,6 +1,6 @@
 // module included in the following assembly:
 //
-// * installing-mirroring-creating-registry.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 :_content-type: PROCEDURE
 [id="mirror-registry-troubleshooting_{context}"]
diff --git a/modules/mirror-registry-uninstall.adoc b/modules/mirror-registry-uninstall.adoc
@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * installing/disconnected_install/installing-mirroring-installation-images.adoc
+// * installing/disconnected_install/installing-mirroring-creating-registry.adoc
 
 [id="uninstalling-mirror-registry_{context}"]
 = Uninstalling the mirror registry for Red Hat OpenShift
