ENG-319: Adds new file to configure CodeFlare Operator

modules/configuring-the-codeflare-operator.adoc

@@ -0,0 +1,83 @@
+:_module-type: PROCEDURE
+
+[id="configuring-the-codeflare-operator_{context}"]
+= Configuring the CodeFlare Operator
+
+[role='_abstract']
+To configure the CodeFlare Operator for distributed workloads in {productname-short}, you can edit the associated config map.
+
+.Prerequisites
+ifdef::upstream,self-managed[]
+* You have logged in to {openshift-platform} with the `cluster-admin` role.
+endif::[]
+ifdef::cloud-service[]
+* You have logged in to OpenShift with the `cluster-admin` role.
+endif::[]
+
+
+.Procedure
+ifdef::upstream,self-managed[]
+. In the {openshift-platform} console, click *Workloads* -> *ConfigMaps*.
+endif::[]
+ifdef::cloud-service[]
+. In the OpenShift console, click *Workloads* -> *ConfigMaps*.
+endif::[]
+
+ifdef::self-managed,cloud-service[]
+. From the *Project* list, select *redhat-ods-applications*.
+endif::[]
+ifdef::upstream[]
+. From the *Project* list, select *odh*.
+endif::[]
+
+. Search for the *codeflare-operator-config* config map, and click the config map name to open the *ConfigMap details* page.
+
+. Click the *YAML* tab to show the config map specifications.
+. In the `*data*` > `*config.yaml*` > `*kuberay*` section, you can edit the following entries:
++
+`*ingressDomain*`::
+This configuration option is null (`ingressDomain: ""`) by default.
+This option should remain null unless the Ingress Controller is not running on OpenShift.
+{productname-short} uses this value to generate the dashboard and client routes for every Ray Cluster, as shown in the following examples:
++
+.Example dashboard and client routes
+[source,bash,subs="+quotes"]
+----
+ray-dashboard-_<clustername>_-_<namespace>_._<your.ingress.domain>_
+ray-client-_<clustername>_-_<namespace>_._<your.ingress.domain>_
+----
++
+`*mTLSEnabled*`::
+This configuration option is enabled (`mTLSEnabled: true`) by default.
+When this option is enabled, the Ray Cluster pods create certificates that are used for mutual Transport Layer Security (mTLS), a form of mutual authentication, between Ray Cluster nodes.
++
+`*rayDashboardOauthEnabled*`::
+This configuration option is enabled (`rayDashboardOAuthEnabled: true`) by default.
+When this option is enabled, {productname-short} places an OpenShift OAuth proxy in front of the Ray Cluster head node.
+Users must then authenticate via their OpenShift cluster login credentials when accessing the Ray Dashboard through the browser.
+If the user wants to access the Ray Dashboard via the Ray `JobSubmissionClient` class or in some other programmatic way, they must set an authorization header as part of their request, as shown in the following example:
++
+.Example authorization header
+[source,bash,subs="+quotes"]
+----
+{Authorization: "Bearer _<your-openshift-token>_"}
+----
+
+. To save your changes, click *Save*.
+The CodeFlare Operator is updated.
+
+
+.Verification
+Check the status of the `codeflare-operator-manager` pod, as follows:
+
+ifdef::upstream,self-managed[]
+. In the {openshift-platform} console, click *Workloads* -> *Deployments*.
+endif::[]
+ifdef::cloud-service[]
+. In the OpenShift console, click *Workloads* -> *Deployments*.
+endif::[]
+
+. Search for the *codeflare-operator-manager* deployment, and then click the deployment name to open the deployment details page.
+. Click the *Pods* tab.
+When the status of the `codeflare-operator-manager-_<pod-id>_` pod is `Running`, the pod is ready to use.
+To see more information about the pod, click the pod name to open the pod details page, and click the *Logs* tab.