Updated OpenShift Ansible Broker documents

apb_devel/writing/getting_started.adoc

@@ -112,9 +112,17 @@ RUN chmod -R g=u /opt/{ansible,apb}
 USER apb
 ----
 
-. In the *_Dockerfile_*, you must now update `com.redhat.apb.spec` in the `LABEL`
-instruction with a base64 encoded version of *_apb.yml_*. To do this, run `apb
-prepare`:
+. In the *_Dockerfile_*, there are two updates to make:
+
+.. Change the `FROM` directive to use the image from the Red Hat Container Catalog.
+The first line should now read:
++
+----
+FROM openshift3/apb-base
+----
+
+.. Update `com.redhat.apb.spec` in the `LABEL` instruction with a base64 encoded
+version of *_apb.yml_*. To do this, run `apb prepare`:
 +
 ----
 $ cd my-test-apb
@@ -125,7 +133,7 @@ This updates the *_Dockerfile_* as follows:
 +
 .*_Dockerfile_*
 ----
-FROM ansibleplaybookbundle/apb-base
+FROM openshift3/apb-base
 
 LABEL "com.redhat.apb.spec"=\
 "dmVyc2lvbjogMS4wCm5hbWU6IG15LXRlc3QtYXBiCmRlc2NyaXB0aW9uOiBUaGlzIGlzIGEgc2Ft\

install_config/install/advanced_install.adoc

@@ -1668,26 +1668,30 @@ as well; see xref:configuring-openshift-ansible-broker[Configuring the OpenShift
 === Configuring the OpenShift Ansible Broker
 
 Starting with {product-title} 3.7, the
-xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift Ansible broker] (OAB) is enabled by default.
+xref:../../architecture/service_catalog/ansible_service_broker.adoc#arch-ansible-service-broker[OpenShift
+Ansible broker] (OAB) is enabled by default. However, further configuration may be required for use.
+
+[[configuring-oab-storage]]
+==== Configuring Persistent Storage for the OpenShift Ansible Broker
 
 The OAB deploys its own etcd instance separate from the etcd used by the rest of
 the {product-title} cluster. The OAB's etcd instance requires separate storage
 using persistent volumes (PVs) to function. If no PV is available, etcd will
 wait until the PV can be satisfied. The OAB application will enter a `CrashLoop`
 state until its etcd instance is available.
 
+Some Ansible playbook bundles (APBs) may also require a PV for their own usage.
+Two APBs are currently provided with {product-title} 3.7: MediaWiki and
+PostgreSQL. Both of these require their own PV to deploy.
+
 [NOTE]
 ====
 The following example shows usage of an NFS host to provide the required PVs,
 but
 xref:../../install_config/persistent_storage/index.adoc#install-config-persistent-storage-index[other persistent storage providers] can be used instead.
 ====
 
-Some Ansible playbook bundles (APBs) may also require a PV for their own usage.
-Two APBs are currently provided with {product-title} 3.7: MediaWiki and
-PostgreSQL. Both of these require their own PV to deploy.
-
-To configure the OAB:
+To configure persistent storage for the OAB:
 
 . In your inventory file, add `nfs` to the `[OSEv3:children]` section to enable
 the `[nfs]` group:
@@ -1737,6 +1741,24 @@ endif::[]
 These settings create a persistent volume that is attached to the OAB's etcd
 instance during cluster installation.
 
+[[configuring-oab-local-apb-devel]]
+==== Configuring the OpenShift Ansible Broker for Local APB Development
+
+In order to do xref:../../apb_devel/index.adoc#apb-devel-intro[APB development]
+with the OpenShift Container Registry in conjunction with the OAB, a whitelist
+of images the OAB can access must be defined. If a whitelist is not defined, the
+broker will ignore APBs and users will not see any APBs available.
+
+By default, the whitelist is empty so that a user cannot add APB images to the
+broker without a cluster administrator configuring the broker. To whitelist all
+images that end in `-apb`:
+
+. In your inventory file, add the following to the `[OSEv3:vars]` section:
++
+----
+ansible_service_broker_local_registry_whitelist=['.*-apb$']
+----
+
 [[configuring-template-service-broker]]
 === Configuring the Template Service Broker