Skip to content

Instantly share code, notes, and snippets.

@faermanj
Last active September 19, 2023 18:01
Show Gist options
  • Save faermanj/a577a8837712d509b81e0744553b98a2 to your computer and use it in GitHub Desktop.
Save faermanj/a577a8837712d509b81e0744553b98a2 to your computer and use it in GitHub Desktop.
Getting Started with Red Hat OpenShift on AWS
# docker run -it --rm -p 0.0.0.0:8080:80 blackicebird/2048
apiVersion: apps/v1
kind: Deployment
metadata:
name: g2048
labels:
app: g2048
spec:
replicas: 1
selector:
matchLabels:
app: g2048
template:
metadata:
labels:
app: g2048
spec:
containers:
- name: g2048
image: blackicebird/2048
ports:
- containerPort: 80
securityContext:
runAsUser: 0
---
apiVersion: v1
kind: Service
metadata:
name: g2048-service
spec:
selector:
app: g2048
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 32333
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: g2048-route
spec:
to:
kind: Service
name: g2048-service
#!/bin/bash
rosa delete cluster -y -c "goose"
# rosa delete operator-roles -c
# rosa delete oidc-provider -c
# IAM User delete
rosa init -y --delete
# Delete service roles
rosa delete account-roles -m auto -p ManagedOpenShift
#!/bin/bash
# Warning: Security implications
oc adm policy add-scc-to-group privileged system:authenticated
oc apply -f g2048.yaml
oc get all
#!/bin/bash
rosa create cluster --cluster-name="goose" --sts
rosa list clusters --output json | jq -r '.[0]'
watch -n 15 'rosa list clusters --output json | jq -r ".[].status.state"'
# --insecure-skip-tls-verify
rosa create admin --cluster="goose" | tee create_admin.log
# oc login
oc whoami
oc status
oc get nodes
#
oc new-project "goose-project"
#
oc create secret docker-registry dockersecret \
--docker-server="docker.io" \
--docker-username="$DOCKER_USERNAME" \
--docker-password="$DOCKER_PASSWORD" \
--docker-email="$DOCKER_EMAIL"
#
oc secrets link default dockersecret --for=pull --namespace="goose-project"
#!/bin/bash
# Install ROSA CLI
export ROSA_URL=https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/rosa/latest/rosa-linux.tar.gz
mkdir -p /tmp/rosa/
wget -O /tmp/rosa/rosa-linux.tar.gz $ROSA_URL
tar zxvf /tmp/rosa/rosa-linux.tar.gz -C /tmp/rosa/
ls /tmp/rosa/
sudo mv /tmp/rosa/rosa /usr/local/bin/
rm /tmp/rosa/rosa-linux.tar.gz
# Check ROSA CLI
rosa version
# Install OC CLI
rosa download oc
sudo tar zxvf openshift-client-linux.tar.gz -C /usr/local/bin
oc version
# ROSA Authentication
# https://console.redhat.com/openshift/token/rosa/show
rosa login --token=$ROSA_TOKEN
rosa whoami
# AWS Authentication
aws sts get-caller-identity
aws configure get region
# STS mode: Create Roles
rosa create account-roles --mode auto -y
# IAM User mode: Init rosa
rosa init -y
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment