There are multiple ways to authenticate in OpenShift.

• htpasswd OAuth Identity Provider
• kubeadmin
• SSO keycloak
  • Install Red Hat Single Sign On (SSO) Operator on the command line (this article)
  • Install Red Hat Single Sign On (SSO) Operator using the console

Sign into OpenShift.

oc login -u admin

Let's use the oc new-project command to create a project named sso.

oc new-project sso

Let's create the following YAML file, replacing <namespace> with the project you just created, "sso" in this example.

apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
  name: rhsso-operator-group
spec:
  targetNamespaces:
  - <namespace>
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: rhsso-operator
spec:
  channel: stable
  installPlanApproval: Manual
  name: rhsso-operator
  source: redhat-operators
  sourceNamespace: openshift-marketplace

Let's use the oc apply command to install the Operator.

oc apply --filename sso.yaml

The oc get operators command should include the rhsso-operator.

~]$ oc get operators
NAME                                               AGE
rhsso-operator.sso                                 4m55s

And the oc get all command should return a pod, service, deployment and replica set.

~]$ oc get all
NAME                                  READY   STATUS    RESTARTS   AGE
pod/rhsso-operator-586796996c-wbwvl   1/1     Running   0          3m59s

NAME                             TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)             AGE
service/rhsso-operator-metrics   ClusterIP   172.30.45.192   <none>        8383/TCP,8686/TCP   3m18s

NAME                             READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/rhsso-operator   1/1     1            1           3m59s

NAME                                        DESIRED   CURRENT   READY   AGE
replicaset.apps/rhsso-operator-586796996c   1         1         1       3m59s

Next you will setup keycloak resource for Red Hat Single Sign On (SSO).