Update docs, clarify the requirements on DNS names registration

Airship Seaworthy installation requires a set of valid DNS
names to be configured, ensure that the user register
these names prior to running the deployment.

Change-Id: I7846e5bdcaf55560f8a0d841fd3dc1db7c912490

doc/source/authoring_and_deployment.rst

@@ -179,7 +179,6 @@ Establishing build node environment
     git clone https://git.openstack.org/openstack/airship-pegleg
     git clone https://git.openstack.org/openstack/airship-treasuremap
 
-
 Building Site documents
 -----------------------
 
@@ -237,6 +236,64 @@ the order in which you should build your site files is as follows:
 4. site/$NEW\_SITE/pki/pki-catalog.yaml
 5. All other site files
 
+Register DNS names
+~~~~~~~~~~~~~~~~~~
+
+Register the following list of DNS names:
+
+::
+
+    cloudformation.DOMAIN
+    compute.DOMAIN
+    dashboard.DOMAIN
+    grafana.DOMAIN
+    iam.DOMAIN
+    identity.DOMAIN
+    image.DOMAIN
+    kibana.DOMAIN
+    nagios.DOMAIN
+    network.DOMAIN
+    nova-novncproxy.DOMAIN
+    object-store.DOMAIN
+    orchestration.DOMAIN
+    placement.DOMAIN
+    shipyard.DOMAIN
+    volume.DOMAIN
+
+Here ``DOMAIN`` is a name of ingress domain, you can find it in the
+``data.dns.ingress_domain`` section of
+``site/${NEW_SITE}/secrets/certificates/ingress.yaml`` configuration file.
+
+Run the following command to get up to date list of required DNS names:
+
+::
+
+    grep -E 'host: .+DOMAIN' site/${NEW_SITE}/software/config/endpoints.yaml | \
+        sort -u | awk '{print $2}'
+
+Update Secrets
+~~~~~~~~~~~~~~
+
+Replace passphrases under ``site/${NEW_SITE}/secrets/passphrases/``
+with random generated ones:
+
+- Passpharses generation ``openssl rand -hex 10``
+- UUID generation ``uuidgen`` (e.g. for Ceph filesystem ID)
+- Update ``secrets/passphrases/ipmi_admin_password.yaml`` with IPMI password
+- Update ``secrets/passphrases/ubuntu_crypt_password.yaml`` with password hash:
+
+::
+
+    python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))"
+
+Configure certificates in ``site/${NEW_SITE}/secrets/certificates/ingress.yaml``,
+they need to be issued for the domains configured in ``Register DNS names`` section.
+
+.. caution::
+
+    It is required to configure valid certificates, self-signed certificates
+    are not supported.
+
 Control Plane Ceph Cluster Notes
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -335,33 +392,6 @@ The data section of this file would look like:
                   type: block-logical
                   location: /dev/sdc2
 
-
-Update Passphrases
-~~~~~~~~~~~~~~~~~~~~
-
-Replace passphrases under ``site/${NEW_SITE}/secrets/passphrases/``
-with random generated ones:
-
-- Passpharses generation ``openssl rand -hex 10``
-- UUID generation ``uuidgen`` (e.g. for Ceph filesystem ID)
-- Update ``secrets/passphrases/ipmi_admin_password.yaml`` with IPMI password
-- Update ``secrets/passphrases/ubuntu_crypt_password.yaml`` with password hash:
-
-::
-
-    python3 -c "from crypt import *; print(crypt('<YOUR_PASSWORD>', METHOD_SHA512))"
-
-Configure certificates in ``site/${NEW_SITE}/secrets/certificates/ingress.yaml``,
-they need to be issued for domain configured in a section ``data.dns.ingress_domain``
-of a file ``./site/${NEW_SITE}/networks/common-addresses.yaml``. A list of endpoints
-which will be used with these certificates can be found in the following file
-``./site/${NEW_SITE}/software/config/endpoints.yaml``.
-
-.. caution::
-
-    It's required to configure valid certificates, self-signed certificates
-    are not supported.
-
 Manifest linting and combining layers
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~