ocp proxy demo
# Demo cmds
# Read-only inspection commands; none of them changes cluster state.
# NOTE(review): if the proxy URLs carry user:password credentials, the output of
# the proxy/cluster and HTTP_PROXY commands includes them — redact before sharing.

# First 10 lines of the user-ca-bundle ConfigMap in the openshift-config namespace.
oc get cm/user-ca-bundle -n openshift-config -o yaml | head -10
# Full cluster-wide Proxy object (spec and status).
oc get proxy/cluster -o yaml
# The HTTP_PROXY entry and the six lines after it in the ingress-operator Deployment.
oc get deploy/ingress-operator -n openshift-ingress-operator -o yaml | grep -A6 HTTP_PROXY
# First 10 lines of the CA bundle file inside the ingress-operator container.
# The pod name is specific to the demo cluster; substitute the current pod name.
oc exec -it ingress-operator-8457b8fc7f-2r767 -n openshift-ingress-operator -c ingress-operator -- head -10 /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
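# Proxy Demo
# Verify the ingress operator trust bundle configmap does not contain custom certs
# (baseline to compare against after the proxy is configured).
oc get cm/trusted-ca -n openshift-ingress-operator -o yaml
# Create configmap for the proxy trusted ca certs
# The manifest is a local file that is not shown here; the Proxy's spec.trustedCA
# refers to the resulting ConfigMap by name.
oc apply -f ~/tmp/proxy-ewolinetz-configmap.yaml
# Update proxy object (default spec is nil)
# Anything typed into httpProxy/httpsProxy, including user:password in the URL,
# is stored as plain text in the Proxy object and is echoed back in its status.
oc edit proxy/cluster
# Verify proxy status
oc get proxy/cluster -o yaml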
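# Sample output of `oc get proxy/cluster -o yaml` after the edit.
# Nesting is restored here: the captured page had every key at column 0, which
# made the spec and status fields read as duplicate top-level keys.
# NOTE(review): `[email protected]` in the proxy URLs looks like an
# e-mail-obfuscation artifact of the page capture, standing in for the
# `<password>@<proxy-host>` part of each URL; the real values are not on the page.
apiVersion: config.openshift.io/v1
kind: Proxy
metadata:
  creationTimestamp: "2020-02-18T23:58:50Z"
  generation: 2
  name: cluster
  resourceVersion: "328758"
  selfLink: /apis/config.openshift.io/v1/proxies/cluster
  uid: 6d43a22d-c4c1-42f6-824e-9b1ed4bd48a1
spec:
  # The URLs embed basic-auth credentials (user `ewolinet`). They are stored in
  # clear text in this cluster-scoped object, so any identity allowed to read
  # proxies.config.openshift.io can recover them, and they are repeated in
  # status below. The demo's grep for HTTP_PROXY on deploy/ingress-operator
  # suggests they also reach workload environment variables.
  # With an http:// proxy URL the client-to-proxy hop is unencrypted, so the
  # proxy credentials travel in the clear on that hop.
  httpProxy: http://ewolinet:[email protected]:3128
  httpsProxy: https://ewolinet:[email protected]:3128
  noProxy: example.com
  readinessEndpoints:
  - http://www.google.com
  - https://www.google.com
  # Name of the ConfigMap holding the CA bundle used to trust the proxy.
  trustedCA:
    name: ewolinetz-ca-bundle
status:
  httpProxy: http://ewolinet:[email protected]:3128
  httpsProxy: https://ewolinet:[email protected]:3128
  # status.noProxy holds spec.noProxy (`example.com`) plus cluster-internal
  # entries that the user did not supply. Review this effective list when
  # auditing which destinations bypass the proxy; it includes 169.254.169.254,
  # the link-local cloud metadata address.
  noProxy: ',.cluster.local,.svc,.us-west-2.compute.internal,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.dhansen.devcluster.openshift.com,etcd-0.dhansen.devcluster.openshift.com,etcd-1.dhansen.devcluster.openshift.com,etcd-2.dhansen.devcluster.openshift.com,example.com,localhost'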
# Verify the ingress operator trust bundle configmap has been updated
# (same command as the baseline check before the proxy was configured; compare the two outputs).
oc get cm/trusted-ca -n openshift-ingress-operator -o yaml
# Verify ingress operator status
# The sample output that follows shows AVAILABLE=True, PROGRESSING=False, DEGRADED=False.
oc get co/ingress
NAME VERSION AVAILABLE PROGRESSING DEGRADED SINCE
ingress 4.4.0-0.nightly-2020-02-11-124749 True False False 9m34s