Add OpenShift configuration to kustomize readme.

doc/kustomize/README.md

@@ -1,25 +1,25 @@
 # Install Guide for Kubernetes using Kustomize
 
-This guide will deploy jitsi on a kubernetes cluster based on [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/). Kubernetes Kustomize allows you to configure your jitsi setup in an easy and transparent way. 
+This guide will deploy jitsi on a kubernetes cluster based on [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/). Kubernetes Kustomize allows you to configure your jitsi setup in an easy and transparent way.
 
 
-## Kustomize Your Jitsi 
+## Kustomize Your Jitsi
 
 To create a custom deployment based on kustomize, first create an overlay with your custom settings. Create a new folder with the file *kustomization.yaml*:
 
 	namespace: jitsi
 	bases:
 	- github.com/jitsi-contrib/jitsi-kubernetes/doc/kustomize
-	
+
 	resources:
 	- 041-ingress.yaml
-	
+
 	patchesStrategicMerge:
 	- 030-deployment.yaml
 
 
 
-The *kustomization.yaml* file simply points into the base directory hosted on github. It defines the default namespace 'jitsi' where the resource objects will be created. Within this directory you can define new resources like an Ingress configuration and also resources with custom environment variables to be merged into the a existing base resources. 
+The *kustomization.yaml* file simply points into the base directory hosted on github. It defines the default namespace 'jitsi' where the resource objects will be created. Within this directory you can define new resources like an Ingress configuration and also resources with custom environment variables to be merged into the a existing base resources.
 
 So your Kubernetes setup directory for jitsi should look like this:
 
@@ -28,11 +28,11 @@ So your Kubernetes setup directory for jitsi should look like this:
 	│   ├── 030-deployment.yaml
 	│   ├── 041-ingress.yaml
 	│   └── kustomization.yaml
-	
-              
+
+
 ## Custom Configuration
 
-With the file *030-deployment.yaml* you can add additional environment variables to configure jitsi. 
+With the file *030-deployment.yaml* you can add additional environment variables to configure jitsi.
 The following example shows how to set the environment variable 'PUBLIC_URL' which should point to your public Internet domain configured in your Ingress:
 
 
@@ -42,7 +42,7 @@ The following example shows how to set the environment variable 'PUBLIC_URL' whi
 	  labels:
 	    k8s-app: jitsi
 	  name: jitsi
-	  namespace: jitsi	   
+	  namespace: jitsi
 	spec:
 	  template:
 	    metadata:
@@ -54,22 +54,23 @@ The following example shows how to set the environment variable 'PUBLIC_URL' whi
 	          env:
 	            - name: PUBLIC_URL
 	              value: "https://jitsi.foo.com"
-	
+
 	        - name: prosody
 	          env:
 	            - name: PUBLIC_URL
 	              value: "https://jitsi.foo.com"
 
 
 Replace 'jitsi.foo.com' with your internet domain name:
- 
+
 **Note:** Setting the PUBLIC_URL it is important that you do not add a tailing / at the end of the URL!
 
-Jitsi provides a lot of additional environment variables to customize your setup. 
+Jitsi provides a lot of additional environment variables to customize your setup.
 
 ## Ingress Example
 
-The following example file 041-ingress.yaml adds a new resource object with a custom ingress configuration applied to your cluster. 
+The following example file 041-ingress.yaml adds a new resource object with a custom ingress configuration applied to your cluster. (If you are using Red Hat OpenShift, you
+may find it easier to follow the `Route` example in the following section.)
 
 	---
 	###################################################
@@ -105,7 +106,7 @@ Replace 'jitsi.foo.com' with your Internet domain name:
 
 
 
-###  Linking the ingress.class "nginx" 
+###  Linking the ingress.class "nginx"
 
 Depending on your nginx setup it can be necessary that you explicitly need to add the *ingress.class* 'nginx'. In such a situation you may see a deployment backend event like this:
 
@@ -125,6 +126,54 @@ To fix this, you should add an annotation with the *ingress.class* 'nginx' like
 	.....
 	.........
 
+## OpenShift-specific Configuration
+
+If you are deploying onto
+[Red Hat OpenShift](https://www.redhat.com/en/technologies/cloud-computing/openshift),
+you will need to add a role to the `jitsi` ServiceAccount that enables the containers
+to be launched as root (see [issue #4](https://github.com/jitsi-contrib/jitsi-kubernetes/issues/4)). In your Jitsi directory, create *021-anyuid.yaml*:
+
+```yaml
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: jita-anyuid
+  namespace: jitsi
+subjects:
+  - kind: ServiceAccount
+    name: jitsi
+    namespace: jitsi
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: 'system:openshift:scc:anyuid'
+```
+
+Then add *021-anyuid.yaml* to your *kustomization.yaml* `resources` section.
+
+You may also use a Route instead of an Ingress. To do this, replace *041-ingress.yaml*
+with the following:
+
+```yaml
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: jitsi
+  namespace: jitsi
+spec:
+  path: /
+  to:
+    kind: Service
+    name: web
+  port:
+    targetPort: 80
+  tls:
+    termination: edge
+    insecureEdgeTerminationPolicy: Redirect
+```
+
+Your 'PUBLIC_URL' in *031-deployment.yaml* will look like
+`https://jitsi-jitsi.apps.cluster.basedomain.com`.
 
 ## Deploy
 
@@ -140,17 +189,11 @@ Next create a secret with your secret password (replace `my-password` with some
 Now you can deploy your jitsi with:
 
 	$ kubectl apply -k  ./my-jitsi
-	
+
 
 ## Undeploy
 
 To undeploy jitsi run
 
 	$ kubectl delete -k  ./my-jitsi
 	$ kubectl delete namespace jitsi
-
-
-
-
-
-