diff --git a/modules/configuring-the-codeflare-operator.adoc b/modules/configuring-the-codeflare-operator.adoc new file mode 100644 index 00000000..68112310 --- /dev/null +++ b/modules/configuring-the-codeflare-operator.adoc @@ -0,0 +1,83 @@ +:_module-type: PROCEDURE + +[id="configuring-the-codeflare-operator_{context}"] += Configuring the CodeFlare Operator + +[role='_abstract'] +To configure the CodeFlare Operator for distributed workloads in {productname-short}, you can edit the associated config map. + +.Prerequisites +ifdef::upstream,self-managed[] +* You have logged in to {openshift-platform} with the `cluster-admin` role. +endif::[] +ifdef::cloud-service[] +* You have logged in to OpenShift with the `cluster-admin` role. +endif::[] + + +.Procedure +ifdef::upstream,self-managed[] +. In the {openshift-platform} console, click *Workloads* -> *ConfigMaps*. +endif::[] +ifdef::cloud-service[] +. In the OpenShift console, click *Workloads* -> *ConfigMaps*. +endif::[] + +ifdef::self-managed,cloud-service[] +. From the *Project* list, select *redhat-ods-applications*. +endif::[] +ifdef::upstream[] +. From the *Project* list, select *odh*. +endif::[] + +. Search for the *codeflare-operator-config* config map, and click the config map name to open the *ConfigMap details* page. + +. Click the *YAML* tab to show the config map specifications. +. In the `*data*` > `*config.yaml*` > `*kuberay*` section, you can edit the following entries: ++ +`*ingressDomain*`:: +This configuration option is null (`ingressDomain: ""`) by default. +This option should remain null unless the Ingress Controller is not running on OpenShift. +{productname-short} uses this value to generate the dashboard and client routes for every Ray Cluster, as shown in the following examples: ++ +.Example dashboard and client routes +[source,bash,subs="+quotes"] +---- +ray-dashboard-__-__.__ +ray-client-__-__.__ +---- ++ +`*mTLSEnabled*`:: +This configuration option is enabled (`mTLSEnabled: true`) by default. +When this option is enabled, the Ray Cluster pods create certificates that are used for mutual Transport Layer Security (mTLS), a form of mutual authentication, between Ray Cluster nodes. ++ +`*rayDashboardOauthEnabled*`:: +This configuration option is enabled (`rayDashboardOAuthEnabled: true`) by default. +When this option is enabled, {productname-short} places an OpenShift OAuth proxy in front of the Ray Cluster head node. +Users must then authenticate via their OpenShift cluster login credentials when accessing the Ray Dashboard through the browser. +If the user wants to access the Ray Dashboard via the Ray `JobSubmissionClient` class or in some other programmatic way, they must set an authorization header as part of their request, as shown in the following example: ++ +.Example authorization header +[source,bash,subs="+quotes"] +---- +{Authorization: "Bearer __"} +---- + +. To save your changes, click *Save*. +The CodeFlare Operator is updated. + + +.Verification +Check the status of the `codeflare-operator-manager` pod, as follows: + +ifdef::upstream,self-managed[] +. In the {openshift-platform} console, click *Workloads* -> *Deployments*. +endif::[] +ifdef::cloud-service[] +. In the OpenShift console, click *Workloads* -> *Deployments*. +endif::[] + +. Search for the *codeflare-operator-manager* deployment, and then click the deployment name to open the deployment details page. +. Click the *Pods* tab. +When the status of the `codeflare-operator-manager-__` pod is `Running`, the pod is ready to use. +To see more information about the pod, click the pod name to open the pod details page, and click the *Logs* tab.