How to insert a ca-cert inside a container through oc edit deploy <pod/container_name>

5/8/2019

I'm trying to make an ssl based connection to memsql from an openshift pod/container. I have to insert an self-signed ca-certificate inside the pod such that the connection is established between memsql and the pod. I have following ideas but not sure how to implement them: 1. Mount a path in volumeMounts: like /etc/ssl/certs and insert the certificate in that path and give a secret for that file name, but how do I copy that file to the specified path. 2. Copy the contents of the certificate in the deployment config under secrets, but will it be validated and how to achieve that?

-- Abc
docker
kubernetes
openshift

1 Answer

5/8/2019

First create TLS secret:

oc create secret tls mycert --cert /tmp/cert.pem --key /tmp/key.pem

Then mount this secret into your container into /certs directory

oc set volume dc/myapp --add -t secret -m /certs --name cert --secret-name mycert

You cert will be available inside pod at /certs/tls.crt and key will be at /certs/tls.key

-- Vasily Angapov
Source: StackOverflow