diff --git a/modules/odc-access-web-terminal.adoc b/modules/odc-access-web-terminal.adoc index 047e891c9c..3353a9dcf3 100644 --- a/modules/odc-access-web-terminal.adoc +++ b/modules/odc-access-web-terminal.adoc @@ -23,6 +23,7 @@ The web terminal remains open until you close it or until you close the browser + [NOTE] ==== +* One `DevWorkspace` CR defines the web terminal of one user. This CR contains details about the user's web terminal status and container image components. * The `DevWorkspace` CR is created only if it does not already exist. ifndef::openshift-rosa,openshift-dedicated[] * The `openshift-terminal` project is the default project used for cluster administrators. They do not have the option to choose another project. The {web-terminal-op} installs the DevWorkspace Operator as a dependency. diff --git a/web_console/web_terminal/troubleshooting-web-terminal.adoc b/web_console/web_terminal/troubleshooting-web-terminal.adoc index b55d5e1c09..3da5e6a1f5 100644 --- a/web_console/web_terminal/troubleshooting-web-terminal.adoc +++ b/web_console/web_terminal/troubleshooting-web-terminal.adoc @@ -9,6 +9,44 @@ toc::[] [id="troubleshooting-web-terminal-network-policies"] == Web terminal and network policies -The web terminal might fail to launch if the cluster has network policies configured. To initialize a web terminal instance, the {web-terminal-op} must communicate with the web terminal's pod to verify it is running, and the {product-title} web console needs to send information to automatically log in to the cluster within the terminal. If either step fails, the web terminal fails to initialize and the terminal panel appears to be in a loading state. +The web terminal might fail to start if the cluster has network policies configured. To start a web terminal instance, the {web-terminal-op} must communicate with the web terminal's pod to verify it is running, and the {product-title} web console needs to send information to automatically log in to the cluster within the terminal. If either step fails, the web terminal fails to start and the terminal panel is in a loading state until a `context deadline exceeded error` occurs. -To avoid this issue, ensure that the network policies for namespaces that are used for terminals allow ingress from the `openshift-console` and `openshift-operators` namespaces. \ No newline at end of file +To avoid this issue, ensure that the network policies for namespaces that are used for terminals allow ingress from the `openshift-console` and `openshift-operators` namespaces. + +The following samples show `NetworkPolicy` objects for allowing ingress from the `openshift-console` and `openshift-operators` namespaces. + +.Allowing ingress from the `openshift-console` namespace +[source,yaml] +---- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-from-openshift-console +spec: + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: openshift-console + podSelector: {} + policyTypes: + - Ingress +---- + +.Allowing ingress from the `openshift-operators` namespace +[source,yaml] +---- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: allow-from-openshift-operators +spec: + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: openshift-operators + podSelector: {} + policyTypes: + - Ingress +---- \ No newline at end of file