[Pulp-list] Fwd: Pulp on Kubernetes
Martin Horák
horak.martin at gmail.com
Thu Mar 22 20:20:12 UTC 2018
Hello here.
Finally I managed to run Pulp in real baremetal Kubernetes based on Michal
Hrivnak's work (https://github.com/mhrivnak/pulp-k8s) using CephFS shared
storage. I tried to fetch and publish some RPM repositories and it works.
I can provide help and answers if you like and I'll know them.
Now I would like to make some changes for semi-production usage:
1) Switch from Fedora to Centos if it'll be possible
2) Change PKI to use our own infrastructure. And here I have a couple of
questions:
Why are there TWO ROOT CA certificates generated (ca and auth-ca)? There is
nothing signed with auth-ca, what is it's purpose?
And second question: I suppose there is NO NEED for ca key in NSS database
for qpidd, provided I have the broker certificate properly signed. Is it
true? Then I could generate all needed certificates using our CA
infrastructure and import them together with ca cert into NSS db.
Thank you for the answer, regards,
Martin Horak
(Michael as an author of k8s solution advised me to ask in this maillist,
that there are the best specialists) :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20180322/5c954503/attachment.htm>
More information about the Pulp-list
mailing list