From 449326d6d108314fd0d29f4c207155f85daba465 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Wed, 24 Oct 2018 14:05:15 -0700 Subject: [PATCH] *: Point at try.openshift.com for pull secrets The account.coreos.com reference was stale, and pull-secrets aren't libvirt-specific, so I've dropped them from the libvirt docs entirely. From Clayton, the flow for getting a pull secret will be: 1. Log in to try.openshift.com. 2. Accept the terms. 3. Get a pull secret you can download or copy/paste back into a local file. Podman doesn't really come into it. Currently the secret you get there looks like: $ cat ~/.personal/pull-secret.json { "auths": { "cloud.openshift.com": {"auth": "...", "email": "..."}, "quay.io": {"auth": "...", "email": "..."} } } Besides pulling images, the secret may also be used to authenticate to other services (e.g. telemetry) on hosts that do not contain image registries, which is more reason to decouple this from Podman. --- docs/dev/libvirt-howto.md | 6 +----- docs/user/environment-variables.md | 2 +- pkg/asset/installconfig/pullsecret.go | 2 +- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/docs/dev/libvirt-howto.md b/docs/dev/libvirt-howto.md index 6948cfe3835..a5f2dc8f30b 100644 --- a/docs/dev/libvirt-howto.md +++ b/docs/dev/libvirt-howto.md @@ -41,9 +41,6 @@ git clone https://github.com/openshift/installer.git cd installer ``` -### Get a pull secret -Go to https://account.coreos.com/ and obtain a *pull secret*. - ### Make sure you have permissions for `qemu:///system` You may want to grant yourself permissions to use libvirt as a non-root user. You could allow all users in the wheel group by doing the following: ```sh @@ -226,13 +223,12 @@ Set `TAGS` when building if you need `destroy cluster` support for libvirt; this TAGS=libvirt_destroy hack/build.sh ``` -To avoid being prompted repeatedly, you can set [environment variables](../user/environment-variables.md) to reflect your libvirt choices. For example, selecting libvirt, setting [our earlier name choices](#pick-names), [our pull secret](#get-a-pull-secret), and telling both the installer and the machine-API operator to contact `libvirtd` at [the usual libvirt IP](#firewall), you can use: +To avoid being prompted repeatedly, you can set [environment variables](../user/environment-variables.md) to reflect your libvirt choices. For example, selecting libvirt, setting [our earlier name choices](#pick-names), and telling both the installer and the machine-API operator to contact `libvirtd` at [the usual libvirt IP](#firewall), you can use: ```sh export OPENSHIFT_INSTALL_PLATFORM=libvirt export OPENSHIFT_INSTALL_BASE_DOMAIN=tt.testing export OPENSHIFT_INSTALL_CLUSTER_NAME=test1 -export OPENSHIFT_INSTALL_PULL_SECRET_PATH=path/to/your/pull-secret.json export OPENSHIFT_INSTALL_LIBVIRT_URI=qemu+tcp://192.168.122.1/system ``` diff --git a/docs/user/environment-variables.md b/docs/user/environment-variables.md index a2d317248e5..e6afd4e9965 100644 --- a/docs/user/environment-variables.md +++ b/docs/user/environment-variables.md @@ -28,7 +28,7 @@ The installer accepts a number of environment variable that allow the interactiv Valid values are `aws` and `libvirt`. * `OPENSHIFT_INSTALL_PULL_SECRET`: The container registry pull secret for this cluster (e.g. `{"auths": {...}}`). - You can generate these secrets with the `podman login` command. + You can get this secret from [try.openshift.com](https://try.openshift.com). * `OPENSHIFT_INSTALL_PULL_SECRET_PATH`: As an alternative to `OPENSHIFT_INSTALL_SSH_PUB_KEY`, you can configure this variable with a path containing your pull secret. * `OPENSHIFT_INSTALL_SSH_PUB_KEY`: diff --git a/pkg/asset/installconfig/pullsecret.go b/pkg/asset/installconfig/pullsecret.go index 2aa85bfe916..bcda82b6147 100644 --- a/pkg/asset/installconfig/pullsecret.go +++ b/pkg/asset/installconfig/pullsecret.go @@ -25,7 +25,7 @@ func (a *pullSecret) Generate(asset.Parents) error { &survey.Question{ Prompt: &survey.Input{ Message: "Pull Secret", - Help: "The container registry pull secret for this cluster, as a single line of JSON (e.g. {\"auths\": {...}}).", + Help: "The container registry pull secret for this cluster, as a single line of JSON (e.g. {\"auths\": {...}}).\n\nYou can get this secret from https://try.openshift.com", }, Validate: survey.ComposeValidators(survey.Required, func(ans interface{}) error { return validate.JSON([]byte(ans.(string)))