OpenShift 1 Flashcards
Kubernetes main resource types
POD (po)
Persistent Volumes (pv)
Persistent Volume Claims (pvc)
Build Config (bc)
Deployment / deployment Confg (dc)
Services (svc)
Config Maps (cm)
Secrets
Login to OCP cluster using CLI
oc login -u user1 -p passwd URL
Forward port to mysql server
oc port-forward mysql 3306:3306
Deploy mysql using template
oc new-app
- -template=mysql-persistent
- p MYSQL_USER=user1
- p MYSQL_PASSWORD=mypa55
- p MYSQL_DATABASE=testdb
- p MYSQL_ROOT_PASSWORD=r00tpa55
- p VOLUME_CAPACITY=10Gi
Deploy mysql using image from registry
oc new-app –image=myregistry.com/mycompany/myapp –name=myapp
Deploy app using github url
oc new-app https://github.com/openshift/ruby-hello-world –name=ruby-hello
Deploy mysql using mysql image
oc new-app mysql MYSQL_USER=user MYSQL_PASSWORD=pass MYSQL_DATABASE=testdb -l db=mysql
Get list of pv
oc get pv
Create pv
oc create -f pvc.yaml
get certain resources
oc get RESOURCE_TYPE RESOURCE_NAME
Show detailed of the resource
oc describe resource_type resource_name
oc create
oc create
edit resource
oc edit deploymentconfig/parksmap-katacoda
Delete resource
oc delete RESOURCE_TYPE name
Search by label
oc get svc,deployments -l app=nexus
Create a route
oc expose svc quotedb –name quote
oc expose object_type object_name
Restart an OCP build
oc start-build myapp
Create an app with s2i
oc new-app -i php http://services.lab.example.com/app –name=myapp
Get list of image streams for a specific project.
oc get is -n openshift
Get list of builds
oc get builds
Get list of bc
oc get buildconfig
Get list of templates inside a project where you are not currently
oc get templates -n openshift
Explain: oc process –parameters mysql-persistent -n openshift
list available parameters/resources from a template
Process a template and redirect output to a file
oc process -o yaml -f filename > myapp.yaml
Which OCP resource is responsible for the build step in the S2I process
BuildConfig (BC)
How do you retrieve logs resulting from the S2I build step?
oc logs bc/appname
How do you retrieve logs resulting from the S2I deployment step?
oc logs -f deployment/appname
How do you troubleshoot volume issues in OCP?
1) Delete the persistent volume claim
2) Delete the persistent volume.
3) Recreate the persistent volume
Delete persistent volume
oc delete pv
Monitor logs from a build
oc logs -f bc/temps
Flag to configure oc new-app to create a DeploymentConfig resource instead of a Deployment
–as-deployment-config
Flag to provide the image stream to be used
–image-stream
-i
Flag to specify if deployment is docker or pipeline or source
–strategy
Flag to provide the URL to a Git repository to be used as input to an S2I build
–code
Flag to provide the URL to a container image to be deployed.
–docker-image
Flag to show the result of the operation without performing it
–dry-run
Flag to provide the path to a directory to treat as the root when creating an app from a git URL
–context-dir
Build app from git url using specific builder image
oc new-app php~http://gitserver.example.com/mygitrepo
oc new-app -i php http://gitserver.example.com/mygitrepo
oc new-app php:7.0~http://gitserver.example.com/mygitrepo
oc new-app -i php:7.0 http://gitserver.example.com/mygitrepo
Diff between tilde (~) and –image-stream (-i) options
- i : requires git client installed locally
- i: language detection needs to clone the repo for inspection
~ : no language detection
~ : no git client needed
Command to retrieve a file inside a running container file system
oc cp frontend-1-zvjhb:/var/log/httpd/error_log \
/tmp/frontend-server.log
Diff between Linux cp and oc cp
oc cp does not copy a file to a folder.
execute commands inside the container
oc rsh frontend-1-zvjhb ps ax
Start and interactive shell to container
oc rsh -t frontend-1-zvjhb
create a new configuration map that stores string literals
oc create cm config_map_name \
- -from-literal key1=value1 \
- -from-literal key2=value2
create a new secret that stores string literals
oc create secret generic secret_name \
- -from-literal username=user1 \
- -from-literal password=mypa55w0rd
create a new configuration map that stores the contents of a file or a directory containing a set of files
oc create cm config_map_name \
–from-file /home/demo/conf.txt
create a new secret that stores the contents of a file or a directory containing a set of files
oc create secret generic secret_name \
–from-file /home/demo/mysecret.txt
Command to retrieve cm in json
oc get configmap/myconf -o json
Command to edit cm
oc edit configmap/myconf
Command to alter a cm
oc patch cm/myconf –patch ‘{“data”:{“key1”:”newvalue1”}}’
inject all values stored in a cm into a deployment
oc set env deployment/my-deployment-name –from configmap/mycm
Create secrets to allow OCP to connect to docker registry
oc create secret docker-registry registrycreds \
- -docker-server registry.example.com \
- -docker-username youruser \
- -docker-password yourpassword
Link secrets to default service account
oc secrets link default registry-creds-name –for=pull
Link secrets registrycreds to builder image
oc secrets link builder registrycreds –for=pull,mount
Create a route to expose the internal OCP registry
oc patch config.imageregistry cluster -n openshift-image-registry \
–type merge -p ‘{“spec”:{“defaultRoute”:true}}’
Show the route of the internal OCP registry
oc get route -n openshift-image-registry
Log in into the internal registry from CLI
1) TOKEN=$(oc whoami -t)
2) podman login -u myuser -p ${TOKEN} internal-registry-url
allows a user to pull images from the internal registry in a given project
oc policy add-role-to-user system:image-puller \
user_name -n project_name
Get image stream tags in a project
oc get istag -n openshift
create an image stream tag resource for a container image hosted on an external registry
oc import-image myimagestream[:tag] –confirm \
–from registry/myorg/myimage[:tag]
oc import-image myimagestream:1.0 –confirm \
–from registry/myorg/myimage
create one image stream tag resource for each container image tag that exists in the source registry server
oc import-image myimagestream –confirm –all \
–from registry/myorg/myimage
update an image stream tag to match one current image IDs on the source registry server
oc import-image myimagestream[:tag] –confirm
Starts a new build manually.
oc start-build name
Cancel a build
oc cancel-build name
Deletes a build configuration.
oc delete bc/name
Delete a build
oc delete build/name-1
Describes details about a build configuration resource and the associated builds,
oc describe bc name
Describe a build providing the build name:
oc describe build name-1
How do you change the number of most recent builds that are persisted
Edit the bc and change following properties:
successfulBuildsHistoryLimit, and the failedBuildsHistoryLimit
change log level for bc
oc set env bc/name BUILD_LOGLEVEL=”4”
Deploy app using pre-created image
oc new-app –docker-image=registry.access.redhat.com/rhel7-mysql57
What are the oc-new app option flags?
–as-deployment-config
–image-stream
–strategy
–code
–docker-image
–dry-run
–context-dir
Parameters for –strategy
- docker
- source
- pipeline
Explain –strategy
Helps in disambiguating if URL contains both docker file and source code
Explain –as-deployment-config
Used in oc new-app to use deployment config for the deployment of the app instead of deployment.
Create image stream named myis for acme/awesome container image coming from insecure registry.com
oc import-image myis –confirm –from registry.com/acme/awesome –insecure
What are image stream tags for?
1) points to new container tag
2) alternative friendly name for the container image
Examples:
1) ruby:2.5 for container image rhel8/ruby-25.
2) ruby:2.6 for container image rhel8/ruby-26
What are different types of secrets?
- basic-auth
- opaque
- service-account-token
- ssh-auth
- tls
Pod CR
Create POD from CLI
oc run example-pod
–image=quay.io/example/awesome-container
–env GREETING=’Hello from the awesome container’ \ –port=8080
Service CR
Create service using CLI
oc expose pod backend-app –port=8080 –targetPort=8080 –name=backend-app
Deployment CR
Create deployment using CLI
oc create deployment example-deployment
–image=quay.io/example/awesome-container
–replicas=3
