Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6ab3c67

Browse files
upd onprem mongo mtls doc
1 parent1acae96 commit6ab3c67

File tree

1 file changed

+24
-8
lines changed

1 file changed

+24
-8
lines changed

‎_docs/administration/codefresh-on-prem.md‎

Lines changed: 24 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -681,27 +681,43 @@ mongo:
681681

682682
#### MongoDB with Mutual TLS
683683

684-
Codefresh supports enabling SSL/TLS between cf microservices and MongoDB. To enable this option specify in `config.yaml` the following parameters:<br />
684+
>The option available in kcfi **v0.5.10**
685+
686+
Codefresh supports enabling SSL/TLS between cf microservices and MongoDB. To enable this option specify in `config.yaml` the following parameters:
687+
685688
`global.mongoTLS:true` <br />
686-
`global.mongoCaCert`- CA certificate(base64 encoded) <br />
687-
`global.mongoCaKey`- CA certificate private key(base64 encoded)
689+
`global.mongoCaCert`- CA certificatefile path (in kcfi init directory) <br />
690+
`global.mongoCaKey`- CA certificate private keyfile path (in kcfi init directory)
688691

692+
`config.yaml` example:
689693
```yaml
690694
global:
691-
mongodbRootUser:<MONGO_ROOT_USER>
692-
mongodbRootPassword:<MONGO_ROOT_PASSWORD>
693-
mongoURI:<MONGO_URI>
695+
mongodbRootUser:root
696+
mongodbRootPassword:WOIqcSwr0y
697+
mongoURI:mongodb+srv://cfuser:mTiXcU2wafr9@my-mongodb.prod.svc.cluster.local
694698
mongoSkipUserCreation: true
695699
mongoDeploy: false # disables deployment of internal mongo service
696700
697701
mongoTLS: true #enable MongoDB TLS support
698-
mongoCaCert: "LS0tLS1CRUdJTiBD..." #CA certificate (base64 encoded)
699-
mongoCaKey: "LS0tLS1CRUdJTiBS..." #CA certificate private key (base64 encoded)
702+
mongoCaCert: mongodb-ca/ca-cert.pem
703+
mongoCaKey: mongodb-ca/ca-key.pem
704+
705+
### for OfflineLogging feature
706+
runtimeMongoURI: mongodb+srv://cfuser:mTiXcU2wafr9@my-mongodb.prod.svc.cluster.local
707+
708+
### for OfflineLogging feature
709+
cfapi:
710+
env:
711+
RUNTIME_MONGO_TLS: "true"
712+
RUNTIME_MONGO_TLS_VALIDATE: "true" # 'false' if self-signed certificate to avoid x509 errors
700713
701714
mongo:
702715
enabled: false #disable default mongodb subchart installation
703716
```
704717

718+
>Perform an upgarde with `--no-hooks` option: <br />
719+
>`kcfi deploy -c config.yaml --debug --no-hooks` (WIP)
720+
705721
### Configure an external Redis service
706722
Codefresh recommends to use the Bitnami Redis [chart](https://github.com/bitnami/charts/tree/master/bitnami/redis) as a Redis store.
707723

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp