Secrets

Warning: After validating the deployment, delete the secret containing all passwords for security purposes. Before upgrading, create a new secret for the deployment.
For deploying Control Center using manifest files, following secrets needs to be created:
  1. For all passwords like database, admin, certificate etc.
    Following is the sample file sccm-secret.yaml for creating secrets :
    apiVersion: v1
kind: Secret
metadata:
  name: ibm-sccm-secret
type: Opaque
data:
  .ccDBPassword: <base64 encoded database passwords>
  .adminUserId: <base64 encoded control center admin username>
  .adminUserPassword: <base64 encoded control center admin password>
  .trustStorePassword: <base64 encoded truststore password>
  .keyStorePassword: <base64 encoded keystore password>
  .emailPassword: <base64 encoded email password>
  .jmsUserId: <base64 encoded JMS user id>
  .jmsPassword: <base64 encoded jms password>
  .userKey: <base64 encoded user key for control center>
    Now, create a secret for all secure credentials with the following command:
    $ oc create -f sccm-secret.yaml -n ibm-sccm
  2. For keystore and truststore certificate files
    Utilize the following command to create a secret for keystore and truststore certificate files:
    $ oc create secret generic ibm-sccm-certs-secret --from-file=keystore=<keystore file path>
--from-file=truststore=<truststore file path> -n ibm-sccm
  3. For TLS certificate if ingress will be used
    This secret will be created only if Kubernetes Ingress resource needs to be created. Create Kubernetes TLS secret with following command:
    $ oc create secret tls ibm-sccm-tls --key=<key file path> --cert=<cert file path> -n ibm-sccm

    For accessing docker images from secure registry

    This image pull secret has been created in the Downloading Container Image section.