adding updates to reflect the `-a` option in k3d-dev.sh

abee4ffb · Danny Gershman · 452eb88d · abee4ffb · abee4ffb
Verified Commit abee4ffb authored 1 year ago by Danny Gershman
--- a/docs/developer/aws-k3d-script.md
+++ b/docs/developer/aws-k3d-script.md
@@ -51,6 +51,7 @@ k3d-dev.sh -b -p -m -d -h
 -b   use big M5 instance. Default is t3.2xlarge
 -p   use private IP for security group and k3d cluster
 -m   create k3d cluster with metalLB
+ -a   attach secondary Public IP (overrides -p and -m flags)
 -d   destroy related AWS resources
 -h   output help
 ```
@@ -106,6 +107,10 @@ Overrides can be supplemented by adding references to the specific yaml file, th
 -f ../other-overrides.yaml
 ```

+## Testing Keycloak
+
+Refer to this [documentation](package-integration/sso.md#Prerequisites) for various options for testing Keycloak which requires two ingresses on the same EC2 instance.
+
 ## Troubleshooting

 1. If you are on a Mac insure that you have GNU sed command installed. Otherwise you will see this error and the kubeconfig will not be updated with the IP from the instance.

--- a/docs/developer/package-integration/sso.md
+++ b/docs/developer/package-integration/sso.md
@@ -4,7 +4,7 @@ Big Bang has configuration for Single Sign-On (SSO) authentication using an iden

 ## Prerequisites

-The development environment can be set up in one of two ways: 
+The development environment can be set up in one of three ways: 
 1. Two k3d clusters with keycloak in one cluster and Big Bang and all other apps in the second cluster (see [this quick start guide](../../guides/deployment-scenarios/sso-quickstart.md) for more information)
 2. One k3d cluster using MetalLB to have Keycloak, Big Bang, and all other apps in the one cluster (see [this example config](../../assets/configs/example/keycloak-dev-values.yaml) for more information)
 3. Use a single K3D cluster with two Public IP addresses and the `-a` option on the `k3d-dev.sh` script.  This will provision two Elastic IPs, MetalLB, and two specialized `k3d-proxy` containers for connecting the Elastic IPs to the MetalLB IPs.  This allows for both a Public and Passthrough Istio Gateway to work simultaneously, specifically to allow for x509 mTLS authentication with Keycloak.  Keep in mind that `keycloak.bigbang.dev` will need to point to the Secondary IP in your `/etc/hosts` file.  The `k3d-dev.sh` script will inform you of this and return the SecondaryIP.