Extracting the management ingress-ca certificates
In order for the management subsystem to be able to communicate with subsystems in different namespaces, these subsystems need to have the same ingress-ca certificates as the management subsystem.
About this task
This task describes how to extract the ingress-ca certificates to a yaml file, ready for applying to the subsystems that are in different namespaces.
Procedure
-
Export the ingress-ca secret to a yaml file with:
oc -n <management namespace> get secret ingress-ca -o yaml > ingress-ca.yaml
- Edit the ingress-ca.yaml file and remove the following properties: metadata.creationTimestamp, metadata.namespace,metadata.resourceVersion, metadata.uid, metadata.selfLink
- Keep this file safe. You will need to apply it in the namespaces of your other subsystems so that they can communicate with the management subsystem.