Special thanks to Ben Schmaus and his amazing blog post.
We also discussed the process here during the Ask an OpenShift Admin live stream on Oct 20th.
-
Pre-reqs
Download the tools we'll need.
#!/bin/bash | |
set -xe | |
CHECKLOGGINGUSER=$(whoami) | |
if [ ${CHECKLOGGINGUSER} == "root" ]; | |
then | |
echo "login as sudo user to run script." | |
echo "You are currently logged in as root" | |
exit 1 | |
fi |
Special thanks to Ben Schmaus and his amazing blog post.
We also discussed the process here during the Ask an OpenShift Admin live stream on Oct 20th.
Pre-reqs
Download the tools we'll need.
Understand AD LDAP structure and naming. Read the docs on the components
Refer to the OpenShift docs for the LDAP identity provider and LDAP group syncing.
Create the OAuth config
# create a secret for the bindDN user password
#!/bin/bash | |
# | |
# Reference: https://www.openshift.com/blog/openshift-4-2-disconnected-install | |
# | |
HOSTNAME=`hostname` | |
USERNAME=admin | |
PASSWORD=password | |
yum -y install podman httpd httpd-tools | |
mkdir -p $(pwd)/registry/{auth,certs,data} |
This gist describes how to set up standalone kubelet + CRI-O + CNI on Fedora Core 31. The goal is to place a Kubernetes Pod manifest on an single node and access the application from the network. This guide has been tested on x86-64 and armv7 deployments.
Make sure the system is up to date:
dnf -y update
oc adm upgrade --to-image=registry.svc.ci.openshift.org/origin/release:4.2 --force |
This is a solution of a common problem with Nexus Docker repositories. The administrator has to expose port for "pull", another port for "push", other ports for each hosted repository. This solution is about leveraging Nginx reverse proxy to avoid using these ports.
Given :