Skip to content

Instantly share code, notes, and snippets.

@kkrico
Created March 25, 2019 16:56
Show Gist options
  • Save kkrico/b741bb6077d9572a76cfbd2b9e13c81a to your computer and use it in GitHub Desktop.
Save kkrico/b741bb6077d9572a76cfbd2b9e13c81a to your computer and use it in GitHub Desktop.
OC Cluster UP
oc cluster up --version=v3.9.0 --public-hostname=dframos.com --use-existing-config=true
oc adm policy add-cluster-role-to-user cluster-admin admin
nano /var/lib/origin/openshift.local.config/master/master-config.yaml
admissionConfig:
pluginConfig:
GenericAdmissionWebhook:
configuration:
apiVersion: v1
disable: false
kind: DefaultAdmissionConfig
location: ""
aggregatorConfig:
proxyClientInfo:
certFile: aggregator-front-proxy.crt
keyFile: aggregator-front-proxy.key
apiLevels:
- v1
apiVersion: v1
auditConfig:
auditFilePath: ""
enabled: false
logFormat: ""
maximumFileRetentionDays: 0
maximumFileSizeMegabytes: 0
maximumRetainedFiles: 0
policyConfiguration: null
policyFile: ""
webHookKubeConfig: ""
webHookMode: ""
authConfig:
requestHeader:
clientCA: front-proxy-ca.crt
clientCommonNames:
- aggregator-front-proxy
extraHeaderPrefixes:
- X-Remote-Extra-
groupHeaders:
- X-Remote-Group
usernameHeaders:
- X-Remote-User
controllerConfig:
controllers:
- '*'
election: null
serviceServingCert:
signer:
certFile: service-signer.crt
keyFile: service-signer.key
controllerLeaseTTL: 0
controllers: '*'
corsAllowedOrigins:
- //127\.0\.0\.1(:|$)
- //dframos\.com:8443$
- //localhost(:|$)
disabledFeatures: null
dnsConfig:
allowRecursiveQueries: true
bindAddress: 0.0.0.0:8053
bindNetwork: tcp4
etcdClientInfo:
ca: ca.crt
certFile: master.etcd-client.crt
keyFile: master.etcd-client.key
urls:
- https://127.0.0.1:4001
etcdConfig:
address: 127.0.0.1:4001
peerAddress: 127.0.0.1:7001
peerServingInfo:
bindAddress: 0.0.0.0:7001
bindNetwork: tcp4
certFile: etcd.server.crt
clientCA: ca.crt
keyFile: etcd.server.key
namedCertificates: null
servingInfo:
bindAddress: 0.0.0.0:4001
bindNetwork: tcp4
certFile: etcd.server.crt
clientCA: ca.crt
keyFile: etcd.server.key
namedCertificates: null
storageDirectory: /var/lib/origin/openshift.local.etcd
etcdStorageConfig:
kubernetesStoragePrefix: kubernetes.io
kubernetesStorageVersion: v1
openShiftStoragePrefix: openshift.io
openShiftStorageVersion: v1
imageConfig:
format: openshift/origin-${component}:v3.9.0
latest: false
imagePolicyConfig:
allowedRegistriesForImport:
- domainName: docker.io
- domainName: '*.docker.io'
- domainName: '*.redhat.com'
- domainName: gcr.io
- domainName: quay.io
- domainName: registry.centos.org
- domainName: registry.redhat.io
- domainName: '*.amazonaws.com'
disableScheduledImport: false
maxImagesBulkImportedPerRepository: 5
maxScheduledImageImportsPerMinute: 60
scheduledImageImportMinimumIntervalSeconds: 900
jenkinsPipelineConfig:
autoProvisionEnabled: true
parameters: null
serviceName: jenkins
templateName: jenkins-persistent
templateNamespace: openshift
kind: MasterConfig
kubeletClientInfo:
ca: ca.crt
certFile: master.kubelet-client.crt
keyFile: master.kubelet-client.key
port: 10250
kubernetesMasterConfig:
admissionConfig:
pluginConfig: null
apiLevels: null
apiServerArguments:
runtime-config:
- apis/admissionregistration.k8s.io/v1alpha1=true
storage-backend:
- etcd3
storage-media-type:
- application/vnd.kubernetes.protobuf
controllerArguments: null
disabledAPIGroupVersions: {}
masterCount: 1
masterEndpointReconcileTTL: 15
masterIP: 127.0.0.1
podEvictionTimeout: 5m
proxyClientInfo:
certFile: master.proxy-client.crt
keyFile: master.proxy-client.key
schedulerArguments: null
schedulerConfigFile: ""
servicesNodePortRange: 30000-32767
servicesSubnet: 172.30.0.0/16
staticNodeNames: null
masterClients:
externalKubernetesClientConnectionOverrides:
acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
burst: 400
contentType: application/vnd.kubernetes.protobuf
qps: 200
externalKubernetesKubeConfig: ""
openshiftLoopbackClientConnectionOverrides:
acceptContentTypes: application/vnd.kubernetes.protobuf,application/json
burst: 600
contentType: application/vnd.kubernetes.protobuf
qps: 300
openshiftLoopbackKubeConfig: openshift-master.kubeconfig
masterPublicURL: https://dframos.com:8443
networkConfig:
clusterNetworkCIDR: 10.128.0.0/14
clusterNetworks:
- cidr: 10.128.0.0/14
hostSubnetLength: 9
externalIPNetworkCIDRs: null
hostSubnetLength: 9
ingressIPNetworkCIDR: 172.29.0.0/16
networkPluginName: ""
serviceNetworkCIDR: 172.30.0.0/16
oauthConfig:
alwaysShowProviderSelection: false
assetPublicURL: https://dframos.com:8443/console/
grantConfig:
method: auto
serviceAccountMethod: prompt
identityProviders:
- name: htpasswd
challenge: true
login: true
provider:
apiVersion: v1
kind: HTPasswdPasswordIdentityProvider
file: /var/lib/origin/openshift.local.config/master/users.htpasswd
masterCA: ca-bundle.crt
masterPublicURL: https://dframos.com:8443
masterURL: https://127.0.0.1:8443
sessionConfig:
sessionMaxAgeSeconds: 300
sessionName: ssn
sessionSecretsFile: ""
templates: null
tokenConfig:
accessTokenMaxAgeSeconds: 86400
authorizeTokenMaxAgeSeconds: 300
pauseControllers: false
policyConfig:
bootstrapPolicyFile: policy.json
openshiftInfrastructureNamespace: openshift-infra
openshiftSharedResourcesNamespace: openshift
userAgentMatchingConfig:
defaultRejectionMessage: ""
deniedClients: null
requiredClients: null
projectConfig:
defaultNodeSelector: ""
projectRequestMessage: ""
projectRequestTemplate: ""
securityAllocator:
mcsAllocatorRange: s0:/2
mcsLabelsPerProject: 5
uidAllocatorRange: 1000000000-1999999999/10000
routingConfig:
subdomain: dframos.com
serviceAccountConfig:
limitSecretReferences: false
managedNames:
- default
- builder
- deployer
masterCA: ca-bundle.crt
privateKeyFile: serviceaccounts.private.key
publicKeyFiles:
- serviceaccounts.public.key
servingInfo:
bindAddress: 0.0.0.0:8443
bindNetwork: tcp4
certFile: master.server.crt
clientCA: ca.crt
keyFile: master.server.key
maxRequestsInFlight: 1200
namedCertificates: null
requestTimeoutSeconds: 3600
volumeConfig:
dynamicProvisioningEnabled: true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment