-
Bug
-
Resolution: Done
-
Normal
-
None
-
OSC 1.9.0
-
False
-
-
False
Details: IBM Initdata changes
Following modifications are required:
- The CONFIDENTIAL_COMPUTE_ENABLED should be no under 6.2.6, it should be yes for CoCo.. not general OSC peerpod.
- Under 7.5, following changes needs to be done:
- Obtain the Trustee IP address by running the following command: – this doesn't have an example, like from the example output 192.168.122.22 (internal ip) is the trustee ip address, we need to explicitly mention that the IP used should be where the trustee deployment pod is running, which is missing at the moment. Get the trustee IP " oc get node $(oc get pod -n trustee-operator-system -o jsonpath='
{.items[0].spec.nodeName}') -o jsonpath='
{.status.addresses[?(@.type=="InternalIP")].address}' "
- Obtain the Trustee port by running the following command: – similar to above the nodePort is not being called out here.
- Obtain the Trustee IP address by running the following command: – this doesn't have an example, like from the example output 192.168.122.22 (internal ip) is the trustee ip address, we need to explicitly mention that the IP used should be where the trustee deployment pod is running, which is missing at the moment. Get the trustee IP " oc get node $(oc get pod -n trustee-operator-system -o jsonpath='
- Under 7.14, following changes needs to be done: 7.a)
cat << EOF > kbs-https-certificate.yaml
apiVersion: v1
kind: Secret
metadata:
name: kbs-https-certificate
namespace: trustee-operator-system
data:
https.crt: $(cat /tmp/ibmse/kbs.crt} | base64 -w 0)
EOF {code}
7.c) apiVersion: v1
kind: Secret
metadata:
name: kbs-https-key
namespace: trustee-operator-system
data:
https.key: $(cat /tmp/ibmse/localhost.key | base64 -w 0) {code}
Documentation URL: https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.8/html/user_guide/deploying-cc_ibm-cc
