Skip to content

Instantly share code, notes, and snippets.

@noushi
Last active April 4, 2023 19:24
Show Gist options
  • Save noushi/634796d51a27de42fd8043f9aa04cf48 to your computer and use it in GitHub Desktop.
Save noushi/634796d51a27de42fd8043f9aa04cf48 to your computer and use it in GitHub Desktop.

Openshift Development Course Setup

selflink : https://bit.ly/3zxs2Kv

Requirements

  1. Red Hat registry pull secret (can be recovered from cloud.redhat.com )
  2. credentials for AWS (or any other supported cloud)
  3. oc accessible in your PATH ( https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/openshift-client-linux.tar.gz )
  4. openshift-install accessible in your PATH ( https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/openshift-install-linux.tar.gz )

Steps

Cluster Creation

openshift-install create --dir=mycluster --log-level=info install-config
openshift-install create --dir=mycluster --log-level=info manifests
openshift-install create cluster --dir=mycluster --log-level=info

User Accounts Creation

You'll need to run this script on a users.list file of your chosing, then load the resulting htpasswd file as an oauth identity provider.

bin/gen-htpass

#!/bin/bash

FILE="${1:-users.list}"
HTFILE=users.htpasswd

gen() {
    > $HTFILE
    
    cat $FILE | while read USER PASS ; do
	htpasswd -B -b $HTFILE "$USER" "$PASS"
    done
}

gen

Sample users.list

student1 pass1
student2 pass2
...

bin/setup-htpasswd-auth

#!/bin/bash

HTFILE=users.htpasswd

oc get secret -n openshift-config  htpass-secret -o yaml >htpass-secret-backup.yaml

oc delete secret -n openshift-config  htpass-secret

oc create secret generic htpass-secret --from-file=htpasswd=$HTFILE -n openshift-config

oc get oauth cluster -o yaml >oauth-backup.yaml

oc apply -f- <<EOF
apiVersion: config.openshift.io/v1
kind: OAuth
metadata:
  name: cluster
spec:
  identityProviders:
  - name: my_htpasswd_provider 
    mappingMethod: claim 
    type: HTPasswd
    htpasswd:
      fileData:
        name: htpass-secret

EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment