Chapter 10. Enabling automatic transfer of s3Secrets to managed clusters

Follow this procedure to enable auto transfer of s3Secrets to the required OpenShift DR cluster components. It updates the OpenShift DR cluster namespace with the s3Secrets that are required to access the s3Profiles in the OpenShift DR config map.

Procedure

  1. Edit the ConfigMag ramen-hub-operator-config on the Hub cluster to add s3SecretDistributionEnabled=true as follows: 

    $ oc edit configmap ramen-hub-operator-config -n openshift-dr-system
    apiVersion: v1
data:
  ramen_manager_config.yaml: |
    apiVersion: ramendr.openshift.io/v1alpha1
    drClusterOperator:
      deploymentAutomationEnabled: true
      s3SecretDistributionEnabled: true  ## <-- Add to enable automatic transfer of s3secrets
      catalogSourceName: redhat-operators
      catalogSourceNamespaceName: openshift-marketplace
      channelName: stable-4.10
      clusterServiceVersionName: odr-cluster-operator.v4.10.0
      namespaceName: openshift-dr-system
      packageName: odr-cluster-operator
[...]

  2. Verify that transfer of secrets was successful by running this command in both managed clusters. 

    $ oc get secrets -n openshift-dr-system | grep Opaque

    Example output: 

    8b3fb9ed90f66808d988c7edfa76eba35647092   Opaque        2      11m
af5f82f21f8f77faf3de2553e223b535002e480   Opaque        2      11m