Last active
July 27, 2018 19:43
-
-
Save geek182/c5a765dbe9b568e7c0a03c92c91b682e to your computer and use it in GitHub Desktop.
openshift-admin-survival-kit
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Create a user (depends what autentication is config) | |
# htpasswd -c if is first time for create a file after that just remove -c | |
sudo htpasswd -c /etc/origin/master/htpasswd devuser | |
#Create a Group /Role | |
oc adm groups new groupname | |
#Get roles bound | |
#To view a list of all users that are bound to the project and their roles | |
oc get rolebindings | |
#Get Groups | |
oc get groups | |
#Describe user/group | |
oc describe group/devops | |
#Set Labels to user/group | |
oc label group/devops level=gold | |
#Add user to a group | |
oc adm groups add-users dev devuser | |
#Remove self-provisioners from auth users | |
oadm policy remove-cluster-role-from-group self-provisioner system:authenticated system:authenticated:oauth | |
#Add self-provisioner for a specific group | |
oadm policy add-cluster-role-to-group self-provisioner devops | |
#See who is allow to create pod | |
oc adm policy who-can create pod | |
#get all imagestream / templates | |
oc get imagestream --all-namespaces=true | |
#login docker registry | |
docker login -u openshift -p $(oc whoami -t) <registry_ip>:<port> | |
#after login to pull a image | |
sudo docker pull <server>:<port>/<project>/<image name>:<tag> | |
#Create a project and limit which node will be use. | |
#more info https://docs.openshift.org/3.6/admin_guide/managing_projects.html | |
oc adm new-project myproject --node-selector='type=user-node,region=east' | |
#delete all templates which will be inside "templates-to-delete" | |
while read template; do oc delete template/$template ; done <templates-to-delete | |
#add role to group, this is local so i need specify --role-namespace=NAMESPACE/project | |
oadm policy add-role-to-group edit-role-local dev --role-namespace=dev | |
#remove role from user, this is local so i need specify --role-namespace | |
oadm policy remove-role-from-user edit-role-local developer --role-namespace=dev | |
#imagestream more info https://blog.openshift.com/image-streams-faq/ | |
#create a imagestream from a existing image | |
oc import-image python:3.5 --from=centos/python-35-centos7 --confirm | |
#update a imagestream | |
oc import-image <NameOfImage> | |
#point a docker image to a imagestream | |
oc tag docker.io/python:3.6.0 python:3.6 | |
#update a tag to latest | |
oc tag python:3.6 python:latest | |
#scheduled to get update | |
oc tag docker.io/python:3.6.0 python:3.6 --scheduled | |
#delete a tag | |
oc tag -d python:3.5 | |
#import a imagestream from a another project | |
oc tag <source_project>/<image_stream>:<tag> <new_image_stream>:<new_tag> | |
#export a object to template | |
oc export all --as-template=<template_name> > <template_filename> | |
#export a dc | |
oc export dc/<name of dc> | |
# multiple objs with tag | |
oc export dc,svc -l <tag>='<tag value>' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment