Skip to content
This repository has been archived by the owner on Oct 1, 2024. It is now read-only.

Enable multi-tenancy by via IBM AppID #87

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Enable multi-tenancy by via IBM AppID #87

wants to merge 4 commits into from

Conversation

shawnzhu
Copy link

This is a follow up of IBM/manifests#6

Supports kubeflow/website#2182

@shawnzhu
Copy link
Author

@adrian555 May I ask if I should document steps of using AppID in REDME.md of current directory or the upper directory where it supports both kfctl and operator path?

@adrian555
Copy link
Member

@shawnzhu the way we did was to have the README.md in the current directory for the README.md in the upper directory to reference it. Thanks.

@shawnzhu shawnzhu marked this pull request as ready for review October 28, 2020 02:46
adrian555
adrian555 reviewed Oct 28, 2020
View reviewed changes
OpenShift/manifests/README-appid.md
kfctl apply -V -f kfctl_openshift_tekton_kfserving_appid.v1.1.0.yaml
```

### Secure istio ingress gateway with HTTPS
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we make this a step inside the Deploy Kubeflow with KfServing heading? It seems that this section is required for such Kubeflow installation.

OpenShift/manifests/README-appid.md

Notice that it uses HTTPS for the value of `oidcRedirectUrl` during configuration, which
requires additional steps after deploying Kubeflow:
1. enable [TLS passthrough](https://docs.openshift.com/enterprise/3.0/architecture/core_concepts/routes.html#passthrough-termination) mode for the route.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This document link is pointing to OpenShift 3.0 link. Is there an equivalent link for at least 4.5+? Or is there a different approach in the later OpenShift releases to enable TLS passthrough?
Also, which route is the the route referring to? May need to specify?

OpenShift/manifests/README-appid.md
Notice that it uses HTTPS for the value of `oidcRedirectUrl` during configuration, which
requires additional steps after deploying Kubeflow:
1. enable [TLS passthrough](https://docs.openshift.com/enterprise/3.0/architecture/core_concepts/routes.html#passthrough-termination) mode for the route.
2. expose kubeflow dashboard over HTTPS by following steps of [this section](https://www.kubeflow.org/docs/ibm/deploy/authentication/#exposing-the-kubeflow-dashboard-with-dns-and-tls-termination).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This link talks about setting the tls in the kubeflow-gateway, though the above enables the passthrough. It is not clear what exactly is required to set up with these two doc links.

OpenShift/manifests/README-appid.md
kfctl apply -V -f kfctl_openshift_tekton_kfserving_appid.v1.1.0.yaml
```

### Secure istio ingress gateway with HTTPS
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would help to have another heading, something like ### Log in to Kubeflow Dashboard with AppID to provide the Kubeflow Dashboard link and the simple instructions how different users can log in to it with the AppID.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@adrian555 adrian555 adrian555 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@shawnzhu @adrian555