diff --git a/docs/cinder-csi.md b/docs/cinder-csi.md index b7dadf1e4..b1cd6f836 100644 --- a/docs/cinder-csi.md +++ b/docs/cinder-csi.md @@ -93,6 +93,8 @@ kubectl exec -it nginx -- df -h | grep /var/lib/www/html It is not necessary to enable OpenStack as a cloud provider for Cinder CSI Driver to work. Though, you can run both the in-tree openstack cloud provider and the Cinder CSI Driver at the same time. The storage class provisioners associated to each one of them are differently named. +When using the in-tree OpenStack cloud provider with an external CA certificate, Cinder will not use the external CA certificate set by base64 encoding the cacert file and storing it in the variable `openstack_cacert`, it will use the `OS_CACERT = ` in your openrc. + ## Cinder v2 support For the moment, only Cinder v3 is supported by the CSI Driver. diff --git a/docs/openstack.md b/docs/openstack.md index 189592e51..2ecfa9dbe 100644 --- a/docs/openstack.md +++ b/docs/openstack.md @@ -109,6 +109,7 @@ The new cloud provider is configured to have Octavia by default in Kubespray. ``` - Run `source path/to/your/openstack-rc` to read your OpenStack credentials like `OS_AUTH_URL`, `OS_USERNAME`, `OS_PASSWORD`, etc. Those variables are used for accessing OpenStack from the external cloud provider. +- If you are using an external OpenStack CA certificate, you will need to set `OS_CACERT = ` in your openrc. - Run the `cluster.yml` playbook ## Additional step needed when using calico or kube-router