Missing steps in the documentation of installing small foot print pcf installation on aws. #434
Comments
|
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story. The labels on this github issue will be updated when the story is started. |
|
Hi Team, Any updates on this issue? We are working on a POC and any help on this would be helpful. |
|
@harisonde thanks-- I'll check with @crawsible whether the Credhub config instructions in the v2.0 docs version of that topic https://docs.pivotal.io/pivotalcf/2-0/customizing/pcf-aws-manual-er-config.html#credhub |
|
@harisonde the config instructions you linked to above are for Elastic Runtime v1.12, which did not use CredHub (although the underlying BOSH layer did use a BOSH CredHub server in that version, distinct from the runtime CredHub in later versions of Pivotal Application Service, formerly Elastic Runtime). The PAS 2.0 docs do show how to configure the runtime CredHub server-- see https://docs.pivotal.io/pivotalcf/2-0/customizing/pcf-aws-manual-er-config.html#credhub -- maybe this is the version of the instructions you need? |
|
@pspinrad thanks for looking into it. The document which you shared still has missing steps for configuring HSM provider partition and other related fields.. As I mentioned I still have an issue in configuring HSM provider partition details. I could see there are couple of issues(#405 and #394) opened by others for the same..Is it possible to look into it and provide an resolution on the same. |
|
Thanks @harisonde -- good to know, and thanks for the helpful pointers-- I'll track down the info. |
|
@harisonde hi again-- this topic (PCF v2.1 docs) shows and explains HSM Provider Partition and related fields, but if it's helpful, I'm wondering how discoverable it is? https://docs.pivotal.io/pivotalcf/2-1/opsguide/secure-si-creds.html#pas-config |
|
@pspinrad Thanks for sharing it...I had looked into it earlier and it still needs requiring you to provide HSM server and partition text details. It would be helpful to let us know how to create/configure HSM details if credhub needs to store keys in HSM. Configuring credhub to use HSM is marked as optional step but it forces user to entrer HSM details..is it not an issue? Let me know what do you think about these points... |
|
@harisonde I know I'm throwing you lots of pointers, but wondering if the "Create an HSM Partition" instructions here might help, from the open-source Cloud Foundry docs: https://docs.cloudfoundry.org/credhub/hsm-config.html#initialize-and-configure Also-- you're saying that if you aren't using an HSM, you still need to enter some dummy values into those fields, in order to avoid an install error? If so, that's definitely an issue that we'd need to document and fix. Thanks again-- |
|
@pspinrad We are doing a POC and we don't want to install HSM . Even though HSM sections mentioned as optional it is forcing us to enter values for the same. And we are not able to proceed by entering dummy values also as it is validating the entered values. I believe this section should be made option and user can go ahead with out entering any HSM details if they don't want to use it. |
|
@harisonde None of the HSM fields are mandatory. The only thing you must do is create an encryption key, but you don't need to configure anything else -- just leave it all blank. |
|
Thank you..Let me check and get back to you in case if I face an issue |
cf-gitbot
added
in progress
delivered
accepted
and removed
scheduled
in progress
delivered
labels
Manually configuring Elastic Runtime for AWS doesn't have instructions or guide on configuring credHub(Configure the CredHub Server) details
To Reproduce
Steps to reproduce the behavior:
Finish 'Manually Configuring AWS for PCF' and 'Manually Configuring Ops Manager on AWS' steps.
Import 'Small Footprint PAS' product into 'Pivotal Cloud Foundry Operations Manager Installation Dashboard'.
Follow the set up process for ERT as mentioned in the below link.
https://docs.pivotal.io/pivotalcf/1-12/customizing/pcf-aws-manual-er-config.html#om-add
Steps mentioned in the above link doesn't have instructions for completing 'credHub(Configure the CredHub Server)' details which is preventing me from finishing 'PCF Small Footprint installation on AWS'.
Expected behavior
Steps to configure 'credHub(Configure the CredHub Server)'.
Screenshots
If applicable, add screenshots to help explain your problem.
OS, Browser, and Version:
Please look into the missing steps and provide an alternative solution to resolve this issue.
The text was updated successfully, but these errors were encountered: