The following is a good diagram of the various services running. Note, we can use infranodes to pull those cluster services from the compute nodes (things like registry, observability, monitoring, etc). Diagram from the docs.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # create namespace | |
| oc new-project vista | |
| # sa | |
| # can use default, this is convenient but not best practice | |
| # oc adm policy add-scc-to-user anyuid -z default | |
| oc create sa root | |
| oc adm policy add-scc-to-user privileged -z root |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # delete config map | |
| oc delete configmap custom-ca -n openshift-config | |
| # re-create it | |
| oc create configmap custom-ca --from-file=ca-bundle.crt=</path/to/example-ca.crt> -n openshift-config | |
| # make sure config map is being used | |
| oc patch proxy/cluster --type=merge --patch='{"spec":{"trustedCA":{"name":"custom-ca"}}}' |
jkeam
/ add_users_to_openshift.sh
Last active
October 7, 2024 01:51
Add users to OpenShift via htpasswd
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # create admin and user1 with password `openshift` | |
| # -c for file, -n just for console | |
| # -B for bcrypt | |
| # -b for allowing password in command | |
| htpasswd -c -B -b ./openshift.htpasswd admin openshift | |
| htpasswd -B -b ./openshift.htpasswd user1 openshift | |
| # add secret with username/passwords |
jkeam
/ mad_roadshow_links.md
Last active
December 13, 2023 14:48
— forked from brandoncox/MAD Roadshow links
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: podman-priv | |
| spec: | |
| containers: | |
| - name: priv | |
| image: quay.io/podman/stable:v4.4.1 | |
| args: | |
| - sleep |
jkeam
/ setup-gitlab-with-rancher-and-ocp.md
Last active
March 3, 2023 02:20
Setup for Demo for GitLab with Rancher and OpenShift runners
The code for this project is here [email protected]:jkeam/spring-petclinic-pac.git and the file we should be using is .gitlab-ci-kube.yml so in the repo that's in GitLab, make sure to blow away the original .gitlab-ci.yml and rename .gitlab-ci-kube.yml to .gitlab-ci.yml.
Something like below:
jkeam
/ gitlab-with-rancher-and-ocp.md
Last active
March 3, 2023 02:01
Demo for GitLab with Rancher and OpenShift runners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Pod Security Admission Demo | |
| ## Part 1 - What is this | |
| 1. New Project: | |
| oc new-project psa-test | |
| 2. Create deployment | |
| oc create -f https://raw.githubusercontent.com/radikaled/psa/main/deploy/psa-test-deployment.yaml |
jkeam
/ openshift-project-request-template.md
Created
January 31, 2023 03:16
OpenShift Project Request Template - EgressNetworkPolicy