OSDOCS-16326: adds xrefs, fixes node mention

2026-02-05 12:46:18 +01:00 · 2025-09-30 07:18:06 -04:00
parent bb31a997cb
commit 717954aa94
20 changed files with 39 additions and 54 deletions
--- a/_topic_maps/_topic_map_ms.yml
+++ b/_topic_maps/_topic_map_ms.yml
@@ -125,7 +125,7 @@ Topics:
  File: microshift-config-snippets
 - Name: Configuring IPv6 networking
  File: microshift-nw-ipv6-config
- Name: Using ingress control for a MicroShift cluster
+- Name: Using ingress control for a MicroShift node
  File: microshift-ingress-controller
 - Name: Disabling LVMS CSI provider and CSI snapshot
  File: microshift-disable-lvms-csi-provider-csi-snapshot
@@ -133,6 +133,8 @@ Topics:
  File: microshift-greenboot-checking-status
 - Name: Node access with kubeconfig files
  File: microshift-node-access-kubeconfig
+- Name: About the Generic Device Plugin
+  File: microshift-gdp
 - Name: Configuring MicroShift authentication and security
  Dir: microshift_auth_security
  Topics:
@@ -151,8 +153,6 @@ Topics:
    File: microshift-low-latency
  - Name: Workload partitioning
    File: microshift-workload-partitioning
- Name: About the Generic Device Plugin (GDP)
-  File: microshift-gdp
 ---
 Name: Networking
 Dir: microshift_networking
--- a/microshift_cli_ref/microshift-cli-tools-introduction.adoc
+++ b/microshift_cli_ref/microshift-cli-tools-introduction.adoc
@@ -23,5 +23,5 @@ Commands for multi-node deployments, projects, and developer tools are not suppo
 [role="_additional-resources"]
 == Additional resources

-* xref:..//microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Getting started with the OpenShift CLI]
+* xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Getting started with the OpenShift CLI]
 * link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html/cli_tools/openshift-cli-oc#cli-about-cli_cli-developer-commands[About the OpenShift CLI] ({OCP} documentation)
--- a/microshift_cli_ref/microshift-cli-using-oc.adoc
+++ b/microshift_cli_ref/microshift-cli-using-oc.adoc
@@ -59,8 +59,7 @@ $ oc logs cakephp-ex-1-deploy
 [id="listing-supported-apis_{context}"]
 === Listing supported API resources

-Use the `oc api-resources` command to view the list of supported API resources
-on the server.
+Use the `oc api-resources` command to view the list of supported API resources on the server.

 [source,terminal]
 ----
--- a/microshift_configuring/microshift-config-snippets.adoc
+++ b/microshift_configuring/microshift-config-snippets.adoc
@@ -1,7 +1,7 @@
 :_mod-docs-content-type: ASSEMBLY
 [id="microshift-config-snippets"]
+= Using configuration snippets
 include::_attributes/attributes-microshift.adoc[]
-= Using {microshift-short} configuration snippets
 :context: microshift-config-snippets

 toc::[]
--- a/microshift_configuring/microshift-default-config-yaml.adoc
+++ b/microshift_configuring/microshift-default-config-yaml.adoc
@@ -15,9 +15,3 @@ include::snippets/microshift-greenboot-status-snip.adoc[leveloffset=+2]
 include::modules/microshift-config-yaml.adoc[leveloffset=+1]

 include::modules/microshift-default-settings.adoc[leveloffset=+2]
-
-[id="additional-resources_microshift-using-config-yaml_{context}"]
-[role="_additional-resources"]
-== Additional resources
-
-//* xref:../microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
--- a/microshift_configuring/microshift-gdp.adoc
+++ b/microshift_configuring/microshift-gdp.adoc
@@ -27,7 +27,6 @@ include::modules/microshift-ref-generic-device-plugin-troubleshooting.adoc[level
 [id="_additional-resources_microshift-gdp_{context}"]
 == Additional resources

-//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
 * xref:../microshift_networking/microshift-networking-settings.adoc#microshift-understanding-networking-settings[Understanding networking settings]
 * xref:../microshift_networking/microshift_multiple_networks/microshift-cni-multus.adoc#microshift-cni-multus[About using multiple networks]
 * xref:../microshift_networking/microshift_network_policy/microshift-network-policy-index.adoc#microshift-network-policies[About network policies]
--- a/microshift_configuring/microshift-greenboot-checking-status.adoc
+++ b/microshift_configuring/microshift-greenboot-checking-status.adoc
@@ -10,4 +10,4 @@ To deploy applications or make other changes through the {microshift-short} API

 The `greenboot-healthcheck` service runs one time and then exits. After greenboot has exited and the system is in a healthy state, you can proceed with configuration changes and deployments.

-include::modules/microshift-greenboot-check-status.adoc[leveloffset=+1]
+include::modules/microshift-greenboot-check-status.adoc[leveloffset=+1]
--- a/microshift_configuring/microshift-ingress-controller.adoc
+++ b/microshift_configuring/microshift-ingress-controller.adoc
@@ -1,12 +1,12 @@
 :_mod-docs-content-type: ASSEMBLY
 [id="microshift-ingress-controller"]
-= Using ingress control for a {microshift-short} cluster
+= Using ingress control for a {microshift-short} node
 include::_attributes/attributes-microshift.adoc[]
 :context: microshift-ingress-controller

 toc::[]

-Use the ingress controller options in the {microshift-short} configuration file to make pods and services accessible outside the cluster.
+Use the ingress controller options in the {microshift-short} configuration file to make pods and services accessible outside the node.

 include::modules/microshift-ingress-controller-conc.adoc[leveloffset=+1]

--- a/microshift_configuring/microshift-using-config-yaml.adoc
+++ b/microshift_configuring/microshift-using-config-yaml.adoc
@@ -1,7 +1,7 @@
 :_mod-docs-content-type: ASSEMBLY
 [id="microshift-using-config-yaml"]
+= Customizing MicroShift by using the configuration file
 include::_attributes/attributes-microshift.adoc[]
-= Customizing {microshift-short} by using the configuration file
 :context: microshift-using-config-yaml

 toc::[]
@@ -24,6 +24,6 @@ include::modules/microshift-config-nodeport-limits.adoc[leveloffset=+2]
 [role="_additional-resources"]
 == Additional resources

-* xref:../../microshift-greenboot-checking-status.adoc#microshift-greenboot-checking-status[Checking Greenboot status]
+* xref:../microshift_configuring/microshift-greenboot-checking-status.adoc#microshift-greenboot-checking-status[Checking greenboot status]

-* xref:../microshift_configuring/microshift-ingress-controller.adoc#microshift-ingress-controller[Using ingress control for a {microshift-short} cluster]
+* xref:../microshift_configuring/microshift-ingress-controller.adoc#microshift-ingress-controller[Using ingress control for a {microshift-short} node]
--- a/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc
+++ b/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc
@@ -18,7 +18,7 @@ include::modules/microshift-tls-default-cipher-suites.adoc[leveloffset=+2]
 [role="_additional-resources"]
 == Additional resources

-//* xref:../microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets]
+* xref:../../microshift_configuring/microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets]
 * xref:../../microshift_running_apps/microshift-authentication.adoc#authentication-microshift[Pod security authentication and authorization with SCC]
 * xref:../../microshift_configuring/microshift-node-access-kubeconfig#microshift-node-access-kubeconfig[Cluster access with kubeconfig]
 * xref:../microshift_auth_security/microshift-custom-ca.adoc#microshift-custom-ca[Configuring custom certificate authorities]
--- a/microshift_configuring/microshift_low_latency/microshift-low-latency.adoc
+++ b/microshift_configuring/microshift_low_latency/microshift-low-latency.adoc
@@ -22,8 +22,7 @@ include::modules/microshift-low-latency-config-yaml.adoc[leveloffset=+1]
 //additional resources for the config.yaml
 [role="_additional-resources"]
 .Additional resources
-//TODO * workload partitioning crossref here
-//* xref:../../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
+* xref:../../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
 * link:https://kubernetes.io/docs/reference/config-api/kubelet-config.v1beta1/#kubelet-config-k8s-io-v1beta1-KubeletConfiguration[KubeletConfiguration reference] (Kubernetes upstream documentation)

 //RHEL TuneD
@@ -92,4 +91,4 @@ include::modules/microshift-low-latency-rhel-edge-blueprint-rtk.adoc[leveloffset
 [role="_additional-resources"]
 [id="additional-resources-wp_{context}"]
 .Additional resources
-* xref:../microshift_low_latency/microshift-workload-partitioning.adoc#microshift-workload-partitioning[Workload partitioning]
+* xref:../microshift_low_latency/microshift-workload-partitioning.adoc#microshift-workload-partitioning[Workload partitioning]
--- a/microshift_install_get_ready/microshift-install-get-ready.adoc
+++ b/microshift_install_get_ready/microshift-install-get-ready.adoc
@@ -21,10 +21,6 @@ include::modules/microshift-install-rhel-tools-concepts.adoc[leveloffset=+1]
 include::modules/microshift-install-rhde-steps.adoc[leveloffset=+1]

 include::modules/microshift-encrypt-etcd-data.adoc[leveloffset=+1]
-[role="_additional-resources"]
-.Additional resources
-
-* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_storage_devices/encrypting-block-devices-using-luks_managing-storage-devices#luks-disk-encryption_encrypting-block-devices-using-luks[LUKS disk encryption]

 [id="additional-resources_microshift-install-get-ready_{context}"]
 [role="_additional-resources"]
@@ -33,3 +29,4 @@ include::modules/microshift-encrypt-etcd-data.adoc[leveloffset=+1]
 * xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Getting started with the OpenShift CLI]
 * link:https://docs.redhat.com/en/documentation/red_hat_build_of_microshift/latest/html/installing_with_an_rpm_package/index[Installing from an RPM package]
 * xref:../microshift_networking/microshift-networking-settings.adoc#microshift-networking[Understanding networking settings]
+* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_storage_devices/encrypting-block-devices-using-luks_managing-storage-devices#luks-disk-encryption_encrypting-block-devices-using-luks[LUKS disk encryption]
--- a/microshift_install_rpm/microshift-install-rpm.adoc
+++ b/microshift_install_rpm/microshift-install-rpm.adoc
@@ -19,7 +19,7 @@ include::modules/microshift-install-rpms.adoc[leveloffset=+1]
 == Additional resources
 * xref:../microshift_install_get_ready/microshift-fips.adoc#microshift-fips[Using FIPS mode with {microshift-short}]
 * Download the link:https://console.redhat.com/openshift/install/pull-secret[pull secret] from the Red Hat Hybrid Cloud Console
-//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
+* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
 * link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/interactively_installing_rhel_over_the_network/customizing-the-system-in-the-installer_rhel-installer#manual-partitioning_customizing-the-system-in-the-installer[Configuring manual partitioning]
 * link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_logical_volumes/overview-of-logical-volume-management_configuring-and-managing-logical-volumes[Overview of logical volume management]
 * link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/configuring_and_managing_logical_volumes/index#managing-lvm-volume-groups_configuring-and-managing-logical-volumes[Managing LVM Volume Groups]
--- a/microshift_networking/microshift-cni.adoc
+++ b/microshift_networking/microshift-cni.adoc
@@ -6,10 +6,10 @@ include::_attributes/attributes-microshift.adoc[]

 toc::[]

-The OVN-Kubernetes Container Network Interface (CNI) plugin is the default networking solution for {microshift-short} clusters. OVN-Kubernetes is a virtualized network for pods and services that is based on Open Virtual Network (OVN).
+The OVN-Kubernetes Container Network Interface (CNI) plugin is the default networking solution for the {microshift-short} node. OVN-Kubernetes is a virtualized network for pods and services that is based on Open Virtual Network (OVN).

 * Default network configuration and connections are applied automatically in {microshift-short} with the `microshift-networking` RPM during installation.
-* A cluster that uses the OVN-Kubernetes network plugin also runs Open vSwitch (OVS) on the node.
+* A node that uses the OVN-Kubernetes network plugin also runs Open vSwitch (OVS) on the node.
 * OVN-K configures OVS on the node to implement the declared network configuration.
 * Host physical interfaces are not bound by default to the OVN-K gateway bridge, `br-ex`. You can use standard tools on the host for managing the default gateway, such as the Network Manager CLI (`nmcli`).
 * Changing the CNI is not supported on {microshift-short}.
@@ -19,8 +19,8 @@ Using configuration files or custom scripts, you can configure the following net
 * You can use subnet CIDR ranges to allocate IP addresses to pods.
 * You can change the maximum transmission unit (MTU) value.
 * You can configure firewall ingress and egress.
-* You can define network policies in the {microshift-short} cluster, including ingress and egress rules.
-* You can use the {microshift-short} Multus plug-in to chain other CNI plugins.
+* You can define network policies in the {microshift-short}, including ingress and egress rules.
+* You can use the {microshift-short} Multus plugin to chain other CNI plugins.
 * You can configure or remove the ingress router.

 include::modules/microshift-cni-customization-matrix.adoc[leveloffset=+1]
@@ -35,7 +35,7 @@ Networking features available with {microshift-short} {product-version} include:
 * Dynamic node IP
 * Custom gateway interface
 * Second gateway interface
-* Cluster network on specified host interface
+* Node network on specified host interface
 * Blocking external access to NodePort service on specific host interfaces

 Networking features not available with {microshift-short} {product-version}:
@@ -47,7 +47,7 @@ Networking features not available with {microshift-short} {product-version}:

 [id="microshift-ip-forward_{context}"]
 == IP forward
-The host network `sysctl net.ipv4.ip_forward` kernel parameter is automatically enabled by the `ovnkube-master` container when started. This is required to forward incoming traffic to the CNI. For example, accessing the NodePort service from outside of a cluster fails if `ip_forward` is disabled.
+The host network `sysctl net.ipv4.ip_forward` kernel parameter is automatically enabled by the `ovnkube-master` container when started. This is required to forward incoming traffic to the CNI. For example, accessing the NodePort service from outside of a node fails if `ip_forward` is disabled.

 [id="microshift-network-performance_{context}"]
 == Network performance optimizations
@@ -69,7 +69,7 @@ include::modules/microshift-nw-topology.adoc[leveloffset=+1]
 [role="_additional-resources"]
 == Additional resources

-//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
+* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file]
 * xref:../microshift_networking/microshift-networking-settings.adoc#microshift-understanding-networking-settings[Understanding networking settings]
 * xref:../microshift_networking/microshift_multiple_networks/microshift-cni-multus.adoc#microshift-cni-multus[About using multiple networks]
-* xref:../microshift_networking/microshift_network_policy/microshift-network-policy-index.adoc#microshift-network-policies[About network policies]
+* xref:../microshift_networking/microshift_network_policy/microshift-network-policy-index.adoc#microshift-network-policies[About network policies]
--- a/microshift_networking/microshift-nw-router.adoc
+++ b/microshift_networking/microshift-nw-router.adoc
@@ -21,11 +21,10 @@ include::modules/microshift-nw-router-config-ports.adoc[leveloffset=+2]

 include::modules/microshift-nw-router-config-ip-address.adoc[leveloffset=+2]

-[role="_additional-resources"]
 [id="additional-resources_microshift-understanding-and-configuring-router_{context}"]
+[role="_additional-resources"]
 == Additional resources
 * xref:../microshift_configuring/microshift-default-config-yaml.adoc#microshift-default-config-yaml[About the default {microshift-short} configuration file]
-
 * xref:../microshift_networking/microshift_network_policy/microshift-network-policy-index.adoc#microshift-network-policies[About network policies]

-include::modules/microshift-nw-config-route-admission.adoc[leveloffset=+1]
+include::modules/microshift-nw-config-route-admission.adoc[leveloffset=+1]
--- a/microshift_support/microshift-remote-cluster-monitoring.adoc
+++ b/microshift_support/microshift-remote-cluster-monitoring.adoc
@@ -14,7 +14,7 @@ include::modules/microshift-info-collected-telemetry.adoc[leveloffset=+1]

 include::modules/microshift-opt-out-telemetry.adoc[leveloffset=+1]

-//[id="additional-resources_microshift-remote-cluster-monitoring_{context}"]
-//== Additional resources
+[id="additional-resources_microshift-remote-cluster-monitoring_{context}"]
+== Additional resources

-//* xref:../microshift_configuring/microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets].
+* xref:../microshift_configuring/microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets]
--- a/modules/microshift-ingress-controller-conc.adoc
+++ b/modules/microshift-ingress-controller-conc.adoc
@@ -6,7 +6,7 @@
 [id="microshift-ingress-control-concept_{context}"]
 = Using ingress control in {microshift-short}

-When you create your {microshift-short} cluster, each pod and service running on the cluster is allocated an IP address. These IP addresses are accessible to other pods and services running nearby by default, but are not accessible to external clients. {microshift-short} uses a minimal implementation of the {OCP} `IngressController` API to enable external access to cluster services.
+When you create your {microshift-short} node, each pod and service running on the node is allocated an IP address. These IP addresses are accessible to other pods and services running nearby by default, but are not accessible to external clients. {microshift-short} uses a minimal implementation of the {OCP} `IngressController` API to enable external access to node services.

 With more configuration options, you can fine-tune ingress to meet your specific needs. To use enhanced ingress control, update the parameters in the {microshift-short} configuration file and restart the service.

@@ -16,7 +16,7 @@ Accommodate server response speed::
 * If your application starts processing requests from clients but the connection closes before it can respond, you can set the `ingress.tuningOptions.serverTimeout` parameter in the configuration file to a higher value to accommodate the speed of the response from the server.

 Closing router connections::
-* If the router has many connections open because an application running on the cluster does not close connections properly, you can set the `ingress.tuningOptions.serverTimeout` and `spec.tuningOptions.serverFinTimeout` parameters to a lower value, forcing those connections to close sooner.
+* If the router has many connections open because an application running on the node does not close connections properly, you can set the `ingress.tuningOptions.serverTimeout` and `spec.tuningOptions.serverFinTimeout` parameters to a lower value, forcing those connections to close sooner.

 Verify client certificates::
 * If you need to configure the ingress controller to verify client certificates, you can use the `ingress.clientTLS` parameter to set a clientCA value, which is a reference to a config map. The config map contains the PEM-encoded CA certificate bundle that is used to verify a client's certificate. Optionally, you can also configure a list of certificate subject filters.
@@ -32,4 +32,4 @@ Customize error pages::
 * If you want more than the default error pages, which are usually empty and only return the HTTP status code, configure custom error pages.

 Capture HTTP headers or cookies::
-* If you want to include the capture of HTTP headers or cookies, configure them in the access logging.
+* If you want to include the capture of HTTP headers or cookies, configure them in the access logging.
--- a/modules/microshift-ingress-controller-config.adoc
+++ b/modules/microshift-ingress-controller-config.adoc
@@ -18,8 +18,8 @@ You can use detailed ingress control settings by updating the {microshift-short}
 .Prerequisites

 * You installed the {oc-first}.
-* You have root access to the cluster.
-* Your cluster uses the OVN-Kubernetes Container Network Interface (CNI) plugin.
+* You have root access to the node.
+* Your node uses the OVN-Kubernetes Container Network Interface (CNI) plugin.

 .Procedure

@@ -215,12 +215,12 @@ log message. The ingress controller might impose a separate bound on the total l
 |`certificateSecret`
 |A reference to a `kubernetes.io/tls` type of secret that contains the default certificate that the {microshift-short} ingress controller serves. When routes do not specify their own certificate, the `certificateSecret` parameter is used. All secrets used must contain `tls.key` key file contents and `tls.crt` certificate file contents.

-* When the `certificateSecret` parameter is not set, a wildcard certificate is automatically generated and used. The wildcard certificate is valid for the ingress controller default `domain` and its `subdomains`. The generated certificate authority (CA) is automatically integrated with the truststore of the cluster.
+* When the `certificateSecret` parameter is not set, a wildcard certificate is automatically generated and used. The wildcard certificate is valid for the ingress controller default `domain` and its `subdomains`. The generated certificate authority (CA) is automatically integrated with the truststore of the node.

 * In-use generated and user-specified certificates are automatically integrated with the {microshift-short} built-in OAuth server.

 |`clientTLS`
-|Authenticates client access to the cluster and services. As a result, mutual TLS authentication is enabled. If this parameter is not set, then client TLS is not enabled. You must set the `spec.clientTLS.clientCertificatePolicy` and `spec.clientTLS.clientCA` parameters to use client TLS.
+|Authenticates client access to the node and services. As a result, mutual TLS authentication is enabled. If this parameter is not set, then client TLS is not enabled. You must set the `spec.clientTLS.clientCertificatePolicy` and `spec.clientTLS.clientCA` parameters to use client TLS.

 |`clientTLS.AllowedSubjectPatterns`
 |Optional subfield that specifies a list of regular expressions that are matched against the distinguished name on a valid client certificate to filter requests. This parameter is useful when you have client authentication. Use this parameter to cause the ingress controller to reject certificates based on the distinguished name. The Perl Compatible Regular Expressions (PCRE) syntax is required. You must set the `spec.clientTLS.clientCertificatePolicy` and `spec.clientTLS.clientCA` parameters to use `clientTLS.AllowedSubjectPatterns`.
@@ -378,8 +378,6 @@ Setting this field is not recommended because `headerBufferMaxRewriteBytes` valu

 * If you choose a discrete value and the router pod is migrated to a new node, it is possible that the new node does not have an identical `ulimit` configured. In such cases, the pod fails to start.

-* If you have nodes with different `ulimits` configured, and you choose a discrete value, you can use the value of `-1` for this field so that the maximum number of connections is calculated at runtime.
-
 * You can monitor memory usage for router containers with the `container_memory_working_set_bytes{container="router",namespace="openshift-ingress"}` metric.

 * You can monitor memory usage of individual `HAProxy` processes in router containers with the `container_memory_working_set_bytes{container="router",namespace="openshift-ingress"}/container_processes{container="router",namespace="openshift-ingress"}` metric.
--- a/modules/microshift-ingress-controller-create-cert-secret.adoc
+++ b/modules/microshift-ingress-controller-create-cert-secret.adoc
@@ -37,7 +37,7 @@ $ oc create secret tls <secret> <1>
 +
 [IMPORTANT]
 ====
-The certificate must include the `subjectAltName` extension showing `*.apps.<clustername>.<domain>`.
+The certificate must include the `subjectAltName` extension showing `*.apps.<nodename>.<domain>`.
 ====

 . Update the `certificateSecret` parameter value in the {microshift-short} configuration YAML with the newly created secret.
--- a/modules/microshift-ingress-controller-tls-config.adoc
+++ b/modules/microshift-ingress-controller-tls-config.adoc
@@ -10,7 +10,7 @@ You can configure the TLS security profile for the ingress controller to use by

 .Prerequisites

-* You have root access to the {microshift-short} cluster.
+* You have root access to the {microshift-short} node.

 .Procedure