Sunday, February 2, 2025
Tuesday, January 28, 2025
Services:
Thursday, January 23, 2025
Scaling and Autoscaling:
Horizontal scaling adds more machines into the system while vertical scaling add more resources to existing system.
Tuesday, January 21, 2025
Quota:
Quota is a set a limit from project level
#oc create quota --help | more
Resource Quota:
#oc create resourcequota --help | more
We can set a limit for the resource through resourcequota.
* CPU
* Memory
* Number of Deployments
* number of services
* number of service accounts
* config Map
* Service accounts
* number of Pods
It will allow the restriction of users and avoid over provision.
Example:
#oc create quota my-quota --hard=cpu=1,memory=1G,pods=2,services=3,replicationcontroller=1,secrets=5,persistentvolumeclaims=10 -n testquota
List resource under core group:
#oc api-resources --api-group="" --namespaced=true
Resource group:
#oc create resourcequota test --hard=count/pods=1
Utilization of resources in OCP cluster:
#oc adm top nodes
Create an APP for testing purpose:
#oc new-app --name myapp --image=registry.example.com:8443/helloworld-nginx
Set a resources for the app
#oc set resources deployment myapp --limits=cpu=200m,memory=300M --requests=cpu=100m,memory=200M
#oc set resources dc/myapp --limits=memory=60Mi --requests=memory=20Mi
Monitoring the process of resources:
#watch oc get all
List the events with timestamp:
#oc get events --sort-by=.metadata.creationTimestamp
Delete a pod:
#oc delete pod -l deploymentconfig=myapp1
Scale out the pods:
#oc scale dc/myapp1 --replicas=5
Create a quota:
#oc create quota my-quota --hard=limits.cpu=2,limits.memory=200Mi,requests.cpu=1,requests.memory=100Mi,pods=3,services=10
Friday, January 17, 2025
Authentication and authorization:
Authentication will check whether user has access or not from the system
Authorization : It will user has a right role or access for application side.
Openshift has a two roles 1) cluster role 2) Project role
#oc get clusterrolebinding
#oc get rolebinding
1) Create users
2) Integrate users with OCP
3) How to assign roles as per requirement of user
4) How to create groups
5) How to add users to the groups
Create a user through htpasswd
#htpasswd -c -B -b filename username password
-B option is encrypied the password
-b - single line command
#oc get secret -n openshift-config
Secret has 3 types such as Docker-registry, generic and tls.
#oc create secret generic mysecret --from-file=test -n openshift-config
Create users
#htpasswd -B -b myusers test1 passwd
Integrate users with OCP environment
#oc create secret generic mysecret --from-file=htpasswd=myusers -n openshift-config
#oc get secret mysecret -n openshift-config -o yaml
#oc get oauth cluster -o yaml > oauth.yaml
#oc replace -f oauth.yaml
Testing the login with OCP environment
#oc login -u test -p passwd
#oc new-project testing1
#oc describe project testing1
Edit the yaml file through vim with GUI
#vi .vimrc
autocmd FileType yaml setlocal ts=2 cuc curl
cuc - cursal problem
curl - cursal line
aicuc - Auto indentation
We can able to get a roles details under clusterrolebinding:
#oc get clusterrolebinding | grep -i cluster-admin
#oc describe clusterrolebinding cluster-admin
Delete a role under clusterrolebinding:
#oc delete clusterrolebinding cluster-admin
Do view the policy
#oc adm policy
Default role of cluster and project policy:
Cluster - Cluster-admin and self-provisioner
Project - admin, edit and view
Adding a user into role
#oc adm policy add-cluster-role-to-user cluster-admin username
Remove a role from user
#oc adm policy remove-cluster-role-from-group self-provisioner user
#oc adm policy remove-cluster-role-from-group self-provisioner system:authenticated:oauth
Sunday, January 5, 2025
Private Registry Diagram:
#yum install container-tools -y
Saturday, December 28, 2024
- OpenShift is provide a platform as service [PaaS]. It is an enterprise product of Kubernetes.
- OpenShift is a top layer of orchestration ith K8S. K8S will use in the Development or Staging environment and OpenShift will be use in the Production environment.
Saturday, August 24, 2024
Openshift is a platform as service.
Open shift origin - It is based on Docker container and the Kubernetes cluster manager with added developer and operational centric tools that enable rapid application development, deployment and lifecycle management. It is classified as 4 different types as bellow's.
* Openshift origin - Open source application platform
* Openshift online - Public version of Openshift origin by Redhat.
* Openshift dedicate - Managed a dedicate private cloud
* Openshift enterprise
Containerization:
* Docker utilize a LXCI container
* LXC container often consider as something in the middle of chroot and full fledged virtual machine.
* LXCFS is a simple userspace file system designed to work around some current limitation of the linux kernel.
Orchestration Technologies
* Docker Swarm , Kubernetes and MESOS
Openshift Architecture:
* Openshift container registery
* Openshift console web - Users & Project
Openshift setup
* All in one deployment
* Single master and multiple nodes
* We can installed through 2 methods.
* Package manager (RPM) & Containerized
=> Rest API
*getting a authroization token
>oc whoami -t
Openshift project:
* project is created a top of the K8S as namespace.
* Openshift comes with default 3 types of users.
* regular user, system user and service account
Regular user - Developer
System User - system.admin and system.master
Service account - It is need for each project
Master configuration file - /etc/openshift/master/master-config.yaml
>oc get users [list the users]
Openshift build and deployment:
Source code management
Create Build -> Download source -> Build image -> Push to Registry -> Deploy
Openshift is introduce an image stream- It will manage an images across the hosts.
Image stream is not point out the target names instead of point out for the target id which is unique.
*Web hook is a advance technology for https request.
* Replicas used to set as 1 by default and strategy get as Rolling.
* Blue/green deployment method and Advance strategy method
CLI:
>oc rollout latest dc/simpleweb-docker
>oc rollout history dc/simpleweb-docker
>oc rollout describe dc simpleweb-docker
>oc rollout undo dc/simpleweb-docker
Openshift network:
Openshift software define network [SDN] will ensure the communication between the pods.
*Open Vswitch
* Vlan tagging, Trunking, LACP and Port mirroring
*Openshift has a DNS server and maintain an IP address with hosts.
*ovs-multitenant will assign a unique IP address of each pods.
Route-Load balance:
* source is a default routing in Openshift.
* roundrobin
* least connection
Add template in Openshift:
github -> openshift => Origin -> examples -> db-templates
Import json object from Openshift console
copy the template and create via import option
Project:
Front end page:
github -> mmumshad -> example-voting-app -> vote
select advance option incase if you delcare with sub branch under master branch.













