Bootstrap
<FreeKB>
Home
About
Walkthroughs
OpenShift
Profile
Sign in
FreeKB Articles
OpenShift articles
Getting Started with OpenShift
View node logs using the oc adm node-logs command
Admin Console
Getting Started with the Admin Console
Alert Manager
Expire Alert Manager Silence using amtool
List Alert Manager Alerts using amtool
List Alert Manager Silenced Alerts using amtool
Silence Alert Manager Alerts using amtool
Annotate
Annotate a resource using the oc annotate command
API Request Counts
List API Request Counts using the oc get apirequestcounts command
API Server
Display API Server URL using the oc config view command
Display api URL using the oc get apiserver command
Get API Server Certificates using OpenSSL
Get API Server Certificates using the oc and OpenSSL commands
Authentication
Log into OpenShift using a service account token
Log into OpenShift using a user account token
Log into OpenShift using Ansible community.okd.openshift_auth
Log into OpenShift using the oc login command
Login into OpenShift using Python
Authentication / Identity Providers
Add Update Remove Identity Providers
Create an oAuth LDAP Identity Provider
Create htpasswd OAuth Identity Provider
List identities using the oc get identity command
List the enabled authentication methods
Return oAuth URLs
Update htpasswd Identity Provider
Authentication / OAuth
Create an OpenID Connect Identity Provider with Red Hat Single Sign On (SSO)
List OAuth Bearer Token using REST API
List OAuth Identity Providers using the oc get oauth command
Obtain OAuth Bearer Token using REST API
Builds and Build Configs
List Build Configs using the oc get buildconfigs command
Cluster
oc cluster-info
Cluster Application Migration (CAM) Tool
Migrate Application - Create the Migration Plan
Migrate Application - Migrate a Plan
Migrate Application - Stage a Plan
Cluster Service Versions (CSV)
List Cluster Service Versions using the oc get csv command
CodeReady Containers
crc cleanup command (CodeReady Containers version)
crc config command (CodeReady Containers)
crc delete command (CodeReady Containers)
crc setup command (CodeReady Containers)
crc start command (CodeReady Containers)
crc status command (CodeReady Containers)
crc stop command (CodeReady Containers)
crc version command (CodeReady Containers version)
crc.log (CodeReady Containers log)
Display CodeReady Container login credentials using the crc console command
Install OpenShift CodeReady Containers on Linux or Mac
Install OpenShift CodeReady Containers on Windows
Uninstall OpenShift CodeReady Containers on Linux
Uninstall OpenShift CodeReady Containers on Mac
Uninstall OpenShift CodeReady Containers on Windows
Config Maps
Create Config Map
Delete Config Maps using the oc delete configmap command
Edit Config Map using the oc edit command
List Config Maps using REST API
List Config Maps using the oc get configmaps command
Mount multiple Config Maps to the same directory using projected volume
Containers
List the containers in a deployment or pod
Run a command in a container
Contexts
List Contexts using the oc config get-context command
copy
Copy file between container and host using the oc cp command
Cron and Jobs
Create cronjob using the oc create cronjob command
List cron jobs using REST API
List cronjobs using the oc get cronjob command
List Jobs using the oc get jobs command
Manually run cronjob
Custom Resource Definitions (CRD)
Delete Custom Resource Definitions (CRD) using the oc delete crd command
List Custom Resource Definitions (CRD) using the oc get crd command
Daemon Sets
List daemon sets using REST API
List deamon sets using the oc get daemonsets command
Deployments
Delete deployment using the oc delete deployment command
Deploy a new version of an application using the oc rollout command
Deploy an application from a build
Deploy an application from a JSON or YAML file
Deploy an application from a template
Deploy an application from an image
Deploy an application from Docker Hub
Deploy an application from GitHub
Deploy Hello Openshift
Deploy Python Flask container on OpenShift
Deployment status using the oc status command
Label a deployment using the oc label command
List deployment configs using the oc get deploymentconfigs command
List deployment environment variables
List deployments using REST API
List deployments using the oc get deployments command
Update a deployment YAML template file using the oc edit command
DNS
List DNS objects using the oc get dns command
List OpenShift DNS URLs
egress
Assign egress IP address to a node using the oc patch hostsubnet command
Assign egress IP address to a project using the oc patch netnamespace command
Create egress network policy rules
Edit egress rules using the oc edit command
List egress IP and CIDR using the oc get hostsubnet command
List egress IP using the oc get netnamespace command
List egress rules using the oc get egressnetworkpolicy command
Elastic Search
Delete Elastic Search indices
Determine Elastic Search health status (green yellow red)
Elastic Search same_shard the shard cannot be allocated to the same node on which a copy of the shard already exists
Elastic Search Shard Allocation
List Elastic Search Cluster Settings
List Elastic Search Documents
List Elastic Search Indices
List Elastic Search Shards
Monitor an Application Server in Elastic APM
Patch Elastic Search Management State
Endpoints
List endpoints using the oc get endpoints command
Environment Variables
Create deployment environment variables
Delete environment variables using the oc set env command
List environment variables using the oc set env command
etcd
List etcd
Events
Delete events using the oc delete events command
List Events using the oc get events command
View Node events using oc describe or oc get
View Pod events using oc describe or oc get
Getting Started
Getting Started with Keycloak
Getting Started with Terraform
GitOps
Install gitops-primer Operator on the command line
Install Red Hat OpenShift GitOps Operator using the console (Argo CD)
Images
Create image using the oc import-image command
List image streams using the oc get imagestreams command
List images using the oc get images command
Pull image from a registry using the podman pull command
Tag Image Stream
Ingress
Create Ingress Route
Display ingress domain apps URL
List Ingress Controllers using the oc get ingresscontroller command
List Ingress Route using the oc get ingress command
List Ingress Routers using the oc get services command
Install
Install 60 day free trial version of Red Hat OpenShift on VMWare
JSON
Parse JSON using jsonpath
Labels
Understanding Labels
LDAP Sync
Import Users and Groups using ldap-sync
Remove LDAP sync Groups using oc adm prune groups
Schedule LDAP sync using cronjob
Limits and Quotas
Create Cluster Resource Quota
Create CPU Memory Limits
Create Quota
List Cluster Resource Quota using the oc get clusterresourcequota command
List CPU Memory Limits using the oc get limits command
List Quota using the oc get quota command
Update a deployment with CPU Memory resource requests and limits
Logging
Elastic Search logs (ELK EFK stack)
Filebeat logs (ELK EFK stack)
Fluentd log level (ELK EFK stack)
Fluentd logs (ELK EFK stack)
log level option (--loglevel)
Patch Cluster Logging Management State
View logs using the master-logs command
View logs using the oc logs command
Machines / Nodes
Delete machine using the oc delete machine command
Label a node using the oc label command
List Machine Config Pool using the oc get machineconfigpool command
List machine sets using the oc get machineset command
List machines using the oc get machines command
List nodes using the oc get nodes command
Restart node using the oc debug node command
Start a node in debug mode using the oc debug command
Must Gather
Creating a Must Gather using the oc adm must-gather command
Network Policies
Allow or deny all egress traffic in a project using Network Policy
Allow or deny all ingress traffic in a project using Network Policy
Allow or deny all traffic based on IP address, CIDR or port using Network Policy
Allow requests that match pod label
Allow traffic from a namespace using Network Policy
List Network Policies using the oc get networkpolicies command
oc command
Getting Started with the oc command
Operators
List Cluster Operators using the oc get clusteroperator command
List Cluster Operators using the REST API
List Operators using the oc get operators command
Uninstall Operators
Output Format
custom-columns option
Pod Placement
Run a pod on a specific node using nodeAffinity
Run a pod on a specific node using nodeSelector
Run a pod on a specific node using podAffinity
Run a pod on a specific node using taint and tolerations
Pods
Configure a pod to create heap dumps (oc edit JAVA_OPTS)
Create a pod using a YAML template file
Delete Pod using the oc delete pod command
Delete Pods using Ansible
Delete pods using REST API
Deploy a pod from a JSON or YAML file
Evicting pods from a node (oc adm drain)
Exchanging messages between pods
Execute a command in a pod using the oc exec command
Label a pod using the oc label command
List pods using Ansible
List pods using REST API
List pods using the oc get pods command
Remote shell to a pod using the oc rsh command
Restart Pod using the oc delete pod command
Restart Pod using the REST API
Update a pods max heap (oc edit JAVA_OPTS)
Update a pods metaspace (oc edit JAVA_OPTS)
View a pods memory usage (RAM)
Port Forward
Create a port forward rule using the oc port-forward command
Project / Namespace
Change Project using the oc project command
Create a Project
Create a Project using Terraform
Create Project Template using the oc adm create-bootstrap-project-template command
Delete project using REST API
Delete Project using the oc delete project command
Disable new Project creation by editing the self-provisioners Cluster Role Binding
Disable new Project creation using projectRequestMessage
Inspect a project using the oc adm inspect command
List Projects using Python
List projects using REST API
List projects using the oc get netnamespaces command
List projects using the oc get projects command
Projects
List projects using NodeJS
Prometheus
List Prometheus Metrics
List Prometheus Targets
Reload Prometheus Configurations
Proxy
List proxy servers using the oc get proxy command
Registries
List repositories in the internal registry
Sign into registry.redhat.io using the podman login command
Replicas
List replicas using REST API
List replicas using the oc get replicaset command
List replicaset environment variables
Replication Controllers
Create Replication Controller
List Replication Controllers
Revisions
Controller replicaset and replication controller revisions using triggers
Role Bindings
Add or Remove a Role Binding from a User Group or Service Account
Create Role Binding
Delete a Role Binding using REST API
List Role Bindings
List Role Bindings using Python
List Role Bindings using REST API
Update a Role Binding using REST API
Roles
Create Role using a YAML template file
Create Roles
Determine if a User or Group has permission using oc adm policy who-can
List Roles
Router
Understanding Default Router
Routes
Create insecured Route using the oc expose command
Create secured Route using Self Signed Certificate
Create secured Route using the oc create route command
Label a route using the oc label command
List Routes using the oc get routes command
Resolve route automatically recreating
Scale / Autoscale
Add machines nodes using the oc scale machineset command
Automatically scale a pod using Horizontal Pod Autoscaler
List autoscalers using the oc get horizontalpodautoscalers command
Temporarily change the number of pods (replicas) using the oc scale command
Scheduler
List Schedulers using the oc get scheduler command
Marking node as schedulable or unschedulable
Secrets
Configure a Deployment with Secrets as a Variable
Configure a Deployment with Secrets as a Volume Mount
Create Opaque Generic Secrets (key value pairs)
Create TLS Secrets
Delete Secret using REST API
Deleting Secrets using the oc delete secret command
Display secret content using the oc secrets command
List Secrets using Python
List Secrets using REST API
List Secrets using the oc get secrets command
Prefix Secrets using oc set env --prefix
Update Secret using the oc replace command
Security Context Constraints (SCC)
Add a Security Context Constraint to a User or Group or Service Account
Create a Security Context Constraint
Delete a Security Context Constraint
List Security Context Constraints allowed by a pod or deployment
List Security Context Constraints using the oc get securitycontextconstraints command
Remove a Security Context Constraint from a User or Group or Service Account
Run a deployment with a Service Account and Security Context Constraint
Update a deployment with Security Context (runAsUser runAsGroup fsGroup)
Service Accounts
Create Service Accounts
List Service Accounts
Service Monitors
List Service Monitors using the oc get servicemonitors command
Services
Assign an external IP address to a service using the oc patch service command
Create ClusterIP Service
Create ClusterIP Service using the oc expose pod command
Create load balance service using the oc create service command
List Services using REST API
List Services using the oc get services command
sosreport
Create an SOS report
SSL / TLS
List SSL certificates in a config map
List SSL certificates in a deployment container args (arguments)
List SSL certificates in a secret
Service CA (certificate authority) SSL certificate
View a pods SSL certificate
SSO
Create a Red Hat Single Sign On (SSO) OpenID Connect Identity Provider
Install Red Hat Single Sign On (SSO) Operator on the command line
Install Red Hat Single Sign On (SSO) Operator using the console
Integrate OpenShift with Red Hat SSO (Keycloak)
Setup keycloak resource for Red Hat Single Sign On (SSO)
Sign into OpenShift using Red Hat Single Sign On (SSO)
Stateful Sets
List stateful sets using REST API
List stateful sets using the oc list statefulsets command
Storage Classes
Create Storage Classes using a YAML template file
List Storage Classes using the oc get storageclass command
Templates
Getting Started with Templates
List Templates using the oc get templates command
Troubleshooting
oc adm diagnostics command
Pod stuck Terminating
Resolve "Application is not available"
Resolve "AttachVolume.Attach failed for volume"
Resolve "Cannot evict pod as it would violate the pod's disruption budget"
Resolve "Cluster operator network has not retrieved updates"
Resolve "Cluster version operator has not retrieved updates"
Resolve "Connection refused"
Resolve "Connection timed out"
Resolve "ContainerCreating"
Resolve "context deadline exceeded"
Resolve "CrashLoopBackOff"
Resolve "DaemonSet openshift-sdn is not available awaiting nodes"
Resolve "Deleting protected is not allowed"
Resolve "Disk Watermark High"
Resolve "DiskPressure"
Resolve "Error from server (InternalError): Internal error occurred: unexpected response: 500"
Resolve "Error trying to connect to APM Server"
Resolve "error: tls: failed to parse private key"
Resolve "error: unable to upgrade connection: container not found"
Resolve "exceeded quota"
Resolve "failed quota"
Resolve "failed to pull image manifest unknown ImagePullBackOut"
Resolve "Failed to pull image proxyconnect timeout"
Resolve "FailedMount Unable to attach or mount volumes timed out waiting for the condition"
Resolve "Fluentd cannot be scraped"
Resolve "FluentDVeryHighErrorRate"
Resolve "forbidden: User cannot resource in API group"
Resolve "hostPath type check failed is not a file"
Resolve "hostPath volumes are not allowed to be used"
Resolve "Kubelet stopped posting node status"
Resolve "Missing or incomplete configuration info. Please point to an existing, complete config file"
Resolve "Multi-Attach error for volume"
Resolve "must not have leading or trailing whitespace"
Resolve "Permission Denied" with mounted Persistent Volume Claim
Resolve "Prometheus has failed to evaluate rules in the last 5m"
Resolve "taint that the pod didn't tolerate"
Resolve "ThanosQueryHttpRequestQueryRangeErrorRateHigh"
Resolve "The server uses a certificate signed by an unknown authority"
Resolve "Throttling request took"
Resolve "TLS handshake error from 10.11.12.13:43722: remote error: tls: bad certificate"
Resolve "unable to validate against any security context constraint"
Resolve "verify you have provided the correct host and port and that the server is currently running"
Resolve "You are not a member of any projects"
Resolve "You may not request a new project via this API"
Resolve "You must obtain an API token"
Resolve "You need to be root to perform this command"
Resolve cluster operator degraded
Resolve Elastic Search "failed to create shard failure IOException No space left on device"
Resolve ElasticsearchDiskSpaceRunningLow
Resolve ElasticsearchNodeDiskWatermarkReached
Resolve error: rolebinding found for "Role", not "ClusterRole"
Resolve KubeletDown
Resolve Liveness or Readiness probe failed
Resolve node status NotReady
Resolve operator-lifecycle-manager-packageserver serving cert not active
Resolve Persistent Volume Claim Lost
Resolve Project stuck in a Terminating state
Resolved "Error creating deployer pod"
Users / Groups
Add user to a group using the oc adm groups add-users command
Create group using a YAML template file
Create group using the oc adm groups command
Delete group using REST API
Delete kubeadmin user account
Delete User Account
Display user name and token using the oc whoami command
Display users token using the oc config view command
List groups using REST API
List Groups using the oc get groups command
List Users using Python
List Users using the oc get users command
Remove user from a group using the oc admin groups remove-users command
Version
Determine Cluster ID
oc get clusterversion command
oc version command
Volumes
Create Persistent Volume
Create Persistent Volume Claim
Create Shared Volume using a YAML template file
Determine Persistent Volume Claim used space
Elastic File System (EFS) for Red Hat OpenShift on Amazon Web Services (AWS) (ROSA)
Label a Persistent Volume using the oc label command
List Persistent Volume Claims using the oc get pvc command
List Persistent Volume Claims using the REST API
List Persistent Volume using the oc get pv command
List Shared Volumes using the oc get sharedvolumes command
Mount a Config Map in a container
Mount a local directory in a container
Mount a Persistent Volume in a container
Mount a Shared Volume in a container
Mount an empty directory in a container using the oc set volume command
Resize Persistent Volume Claim available storage