Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
README.org
architecture_overview.png
cheatsheet-openshift-A4.pdf
openshift-admin-console.jpg
openshift-overview.jpg

README.org

1 OpenShift CheatSheet

linkedin
github
slack


PRs Welcome

File me Issues or star this repo.

1.1 OpenShift Glossary

NameCommand
OKDThe Origin Community Distribution of Kubernetes that powers Red Hat OpenShift.
oc command lineOpenShift command line: oc <action> <object_type> <object_name_or_id>
ProjectNamespace in Kubernetes. Resources are aggregated by projects. oc get project
BuildBuilds create a new image from source code, other images, Dockerfiles, etc. oc get build
Build ConfigurationHow to build source code and a base image into a new image. oc get bc
RouteEndpoint in Kubernetes. A route is an external DNS entry
Deployment Configurationoc get dc
ImageStreamoc get is
ImageStreamTagoc get istag
ImageStreamImageoc get isimage
Templateoc get template
Template Instanceoc get templateinstance
ExplainOnline manual oc explain pod
Red Hat RegistryBy default, all images are pulled from registry.redhat.io.
OpenShift SaaS Versionhttps://openshift.io/
OpenShift onlinehttps://cloud.openshift.com
ReferenceMinishift CheatSheet Link: Minishift
ReferenceOpenShift CheatSheet, Rancher CheatSheet, PKS CheatSheet

https://raw.githubusercontent.com/dennyzhang/cheatsheet.dennyzhang.com/master/cheatsheet-openshift-A4/architecture_overview.png

1.2 OC - Highlights

NameCommand
Get api requests verbose output with kubectl calloc --loglevel 999 get pod/dummy-deployment-6d6759c786-5kwth
Start a pod and get a shell for debugoc debug dc/jorge
Impersonate for oc commandoc --as=jorge get pods, oc --as-group=developers get pods
Use oc to do admin operationsoc adm <sub-command>
Try experimental commands of ococ ex <sub-command>
Explain OpenShift/Kubernetes concepts to meoc explain pod, oc explain replicaset
Enable oc shell autocompletionecho "source <(oc completion zsh)" >>~/.zshrc, then reload terminal
ReferenceOpenShift CheatSheet, Kubectl CheatSheet

1.3 OC - Admin

NameCommand
Login/logoutoc login, oc logout, oc whoami
List routeoc get route
List all object typesoc types, oc api-resources
Start a local OpenShift all-in-one clusteroc cluster up

1.4 OC - Developer

NameCommand
Create a projectoc new-project <projectname> --description=<description> --display-name=<display_name>
Check status of current projectoc status Link: OC CLI Operations
Show oc cli profileoc config view Link: Managing CLI Profiles
Get all resourceoc get all
Switch projectoc project <projectname>
Create an applicationoc new-app https://github.com/sclorg/cakephp-ex
Create a new buildoc new-build https://github.com/sclorg/cakephp-ex
Manually start a build with given confoc start-build <buildconfig_name>
Stop a build that is in progressoc cancel-build <build_name>
Import an external imageoc import-image <image_stream>
Tag an imageoc tag <current_image> <image_stream>

1.5 All openshift resources: oc api-resources

NAMESHORTNAMESAPIGROUPNAMESPACEDKIND
bindingstrueBinding
componentstatusescsfalseComponentStatus
configmapscmtrueConfigMap
endpointseptrueEndpoints
eventsevtrueEvent
limitrangeslimitstrueLimitRange
namespacesnsfalseNamespace
nodesnofalseNode
persistentvolumeclaimspvctruePersistentVolumeClaim
persistentvolumespvfalsePersistentVolume
podspotruePod
podtemplatestruePodTemplate
replicationcontrollersrctrueReplicationController
resourcequotasquotatrueResourceQuota
secretstrueSecret
serviceaccountssatrueServiceAccount
servicessvctrueService
mutatingwebhookconfigurationsadmissionregistration.k8s.iofalseMutatingWebhookConfiguration
validatingwebhookconfigurationsadmissionregistration.k8s.iofalseValidatingWebhookConfiguration
customresourcedefinitionscrd,crdsapiextensions.k8s.iofalseCustomResourceDefinition
apiservicesapiregistration.k8s.iofalseAPIService
controllerrevisionsappstrueControllerRevision
daemonsetsdsappstrueDaemonSet
deploymentsdeployappstrueDeployment
replicasetsrsappstrueReplicaSet
statefulsetsstsappstrueStatefulSet
deploymentconfigsdcapps.openshift.iotrueDeploymentConfig
tokenreviewsauthentication.k8s.iofalseTokenReview
localsubjectaccessreviewsauthorization.k8s.iotrueLocalSubjectAccessReview
selfsubjectaccessreviewsauthorization.k8s.iofalseSelfSubjectAccessReview
selfsubjectrulesreviewsauthorization.k8s.iofalseSelfSubjectRulesReview
subjectaccessreviewsauthorization.k8s.iofalseSubjectAccessReview
clusterrolebindingsauthorization.openshift.iofalseClusterRoleBinding
clusterrolesauthorization.openshift.iofalseClusterRole
localresourceaccessreviewsauthorization.openshift.iotrueLocalResourceAccessReview
localsubjectaccessreviewsauthorization.openshift.iotrueLocalSubjectAccessReview
resourceaccessreviewsauthorization.openshift.iofalseResourceAccessReview
rolebindingrestrictionsauthorization.openshift.iotrueRoleBindingRestriction
rolebindingsauthorization.openshift.iotrueRoleBinding
rolesauthorization.openshift.iotrueRole
selfsubjectrulesreviewsauthorization.openshift.iotrueSelfSubjectRulesReview
subjectaccessreviewsauthorization.openshift.iofalseSubjectAccessReview
subjectrulesreviewsauthorization.openshift.iotrueSubjectRulesReview
horizontalpodautoscalershpaautoscalingtrueHorizontalPodAutoscaler
cronjobscjbatchtrueCronJob
jobsbatchtrueJob
buildconfigsbcbuild.openshift.iotrueBuildConfig
buildsbuild.openshift.iotrueBuild
certificatesigningrequestscsrcertificates.k8s.iofalseCertificateSigningRequest
eventsevevents.k8s.iotrueEvent
daemonsetsdsextensionstrueDaemonSet
deploymentsdeployextensionstrueDeployment
ingressesingextensionstrueIngress
networkpoliciesnetpolextensionstrueNetworkPolicy
podsecuritypoliciespspextensionsfalsePodSecurityPolicy
replicasetsrsextensionstrueReplicaSet
imagesimage.openshift.iofalseImage
imagesignaturesimage.openshift.iofalseImageSignature
imagestreamimagesisimageimage.openshift.iotrueImageStreamImage
imagestreamimportsimage.openshift.iotrueImageStreamImport
imagestreammappingsimage.openshift.iotrueImageStreamMapping
imagestreamsisimage.openshift.iotrueImageStream
imagestreamtagsistagimage.openshift.iotrueImageStreamTag
clusternetworksnetwork.openshift.iofalseClusterNetwork
egressnetworkpoliciesnetwork.openshift.iotrueEgressNetworkPolicy
hostsubnetsnetwork.openshift.iofalseHostSubnet
netnamespacesnetwork.openshift.iofalseNetNamespace
networkpoliciesnetpolnetworking.k8s.iotrueNetworkPolicy
oauthaccesstokensoauth.openshift.iofalseOAuthAccessToken
oauthauthorizetokensoauth.openshift.iofalseOAuthAuthorizeToken
oauthclientauthorizationsoauth.openshift.iofalseOAuthClientAuthorization
oauthclientsoauth.openshift.iofalseOAuthClient
poddisruptionbudgetspdbpolicytruePodDisruptionBudget
podsecuritypoliciespsppolicyfalsePodSecurityPolicy
projectrequestsproject.openshift.iofalseProjectRequest
projectsproject.openshift.iofalseProject
appliedclusterresourcequotasquota.openshift.iotrueAppliedClusterResourceQuota
clusterresourcequotasclusterquotaquota.openshift.iofalseClusterResourceQuota
clusterrolebindingsrbac.authorization.k8s.iofalseClusterRoleBinding
clusterrolesrbac.authorization.k8s.iofalseClusterRole
rolebindingsrbac.authorization.k8s.iotrueRoleBinding
rolesrbac.authorization.k8s.iotrueRole
routesroute.openshift.iotrueRoute
podsecuritypolicyreviewssecurity.openshift.iotruePodSecurityPolicyReview
podsecuritypolicyselfsubjectreviewssecurity.openshift.iotruePodSecurityPolicySelfSubjectReview
podsecuritypolicysubjectreviewssecurity.openshift.iotruePodSecurityPolicySubjectReview
rangeallocationssecurity.openshift.iofalseRangeAllocation
securitycontextconstraintssccsecurity.openshift.iofalseSecurityContextConstraints
storageclassesscstorage.k8s.iofalseStorageClass
volumeattachmentsstorage.k8s.iofalseVolumeAttachment
brokertemplateinstancestemplate.openshift.iofalseBrokerTemplateInstance
processedtemplatestemplate.openshift.iotrueTemplate
templateinstancestemplate.openshift.iotrueTemplateInstance
templatestemplate.openshift.iotrueTemplate
groupsuser.openshift.iofalseGroup
identitiesuser.openshift.iofalseIdentity
useridentitymappingsuser.openshift.iofalseUserIdentityMapping
usersuser.openshift.iofalseUser
openshiftwebconsoleconfigswebconsole.operator.openshift.iofalseOpenShiftWebConsoleConfig

1.6 OpenShift Source Code

NameCommand
Openshift Ansible DeploymentGitHub: openshift-ansible/playbooks

1.7 OpenShift Opportunty

NameCommand
Doesn’t support multiple clusters
OC command line could be a strengh or a weakness
Lack of SDN solution
Time-consuming for administrators’ operations

1.8 OpenShift CLI Help All

/User/zdenny > oc --help
OpenShift Client

This client helps you develop, build, deploy, and run your applications on any OpenShift or Kubernetes compatible
platform. It also includes the administrative commands for managing a cluster under the 'adm' subcommand.

Usage:
  oc [flags]

Basic Commands:
  types           An introduction to concepts and types
  login           Log in to a server
  new-project     Request a new project
  new-app         Create a new application
  status          Show an overview of the current project
  project         Switch to another project
  projects        Display existing projects
  explain         Documentation of resources
  cluster         Start and stop OpenShift cluster

Build and Deploy Commands:
  rollout         Manage a Kubernetes deployment or OpenShift deployment config
  rollback        Revert part of an application back to a previous deployment
  new-build       Create a new build configuration
  start-build     Start a new build
  cancel-build    Cancel running, pending, or new builds
  import-image    Imports images from a Docker registry
  tag             Tag existing images into image streams

Application Management Commands:
  get             Display one or many resources
  describe        Show details of a specific resource or group of resources
  edit            Edit a resource on the server
  set             Commands that help set specific features on objects
  label           Update the labels on a resource
  annotate        Update the annotations on a resource
  expose          Expose a replicated application as a service or route
  delete          Delete one or more resources
  scale           Change the number of pods in a deployment
  autoscale       Autoscale a deployment config, deployment, replication controller, or replica set
  secrets         Manage secrets
  serviceaccounts Manage service accounts in your project

Troubleshooting and Debugging Commands:
  logs            Print the logs for a resource
  rsh             Start a shell session in a pod
  rsync           Copy files between local filesystem and a pod
  port-forward    Forward one or more local ports to a pod
  debug           Launch a new instance of a pod for debugging
  exec            Execute a command in a container
  proxy           Run a proxy to the Kubernetes API server
  attach          Attach to a running container
  run             Run a particular image on the cluster
  cp              Copy files and directories to and from containers.
  wait            Experimental: Wait for one condition on one or many resources

Advanced Commands:
  adm             Tools for managing a cluster
  create          Create a resource from a file or from stdin.
  replace         Replace a resource by filename or stdin
  apply           Apply a configuration to a resource by filename or stdin
  patch           Update field(s) of a resource using strategic merge patch
  process         Process a template into list of resources
  export          Export resources so they can be used elsewhere
  extract         Extract secrets or config maps to disk
  idle            Idle scalable resources
  observe         Observe changes to resources and react to them (experimental)
  policy          Manage authorization policy
  auth            Inspect authorization
  convert         Convert config files between different API versions
  import          Commands that import applications
  image           Useful commands for managing images
  registry        Commands for working with the registry
  api-versions    Print the supported API versions on the server, in the form of "group/version"
  api-resources   Print the supported API resources on the server

Settings Commands:
  logout          End the current server session
  config          Change configuration files for the client
  whoami          Return information about the current session
  completion      Output shell completion code for the specified shell (bash or zsh)

Other Commands:
  ex              Experimental commands under active development
  help            Help about any command
  plugin          Runs a command-line plugin
  version         Display client and server versions

Use "oc <command> --help" for more information about a given command.
Use "oc options" for a list of global command-line options (applies to all commands).

1.9 OpenShift CLI Help Admin

/User/zdenny > oc adm
Administrative Commands

Commands for managing a cluster are exposed here. Many administrative actions involve interaction with the command-line
client as well.

Usage:
  oc adm [flags]

Component Installation:
  router                             Install a router
  ipfailover                         Install an IP failover group to a set of nodes
  registry                           Install the integrated Docker registry

Security and Policy:
  new-project                        Create a new project
  policy                             Manage policy
  groups                             Manage groups
  ca                                 Manage certificates and keys
  certificate                        Modify certificate resources.

Node Management:
  create-node-config                 Create a configuration bundle for a node
  manage-node                        Manage nodes - list pods, evacuate, or mark ready
  cordon                             Mark node as unschedulable
  uncordon                           Mark node as schedulable
  drain                              Drain node in preparation for maintenance
  taint                              Update the taints on one or more nodes
  pod-network                        Manage pod network

Maintenance:
  diagnostics                        Diagnose common cluster problems
  prune                              Remove older versions of resources from the server
  build-chain                        Output the inputs and dependencies of your builds
  migrate                            Migrate data in the cluster
  top                                Show usage statistics of resources on the server
  verify-image-signature             Verify the image identity contained in the image signature

Configuration:
  create-kubeconfig                  Create a basic .kubeconfig file from client certs
  create-api-client-config           Create a config file for connecting to the server as a user
  create-bootstrap-project-template  Create a bootstrap project template
  create-bootstrap-policy-file       Create the default bootstrap policy
  create-login-template              Create a login template
  create-provider-selection-template Create a provider selection template
  create-error-template              Create an error page template

Other Commands:
  completion                         Output shell completion code for the specified shell (bash or zsh)
  config                             Change configuration files for the client

Use "oc adm <command> --help" for more information about a given command.
Use "oc adm options" for a list of global command-line options (applies to all commands).

1.10 More Resources

https://www.okd.io/

https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/

https://access.redhat.com/documentation/en-us/openshift_container_platform/3.11/html/cli_reference/cli-reference-basic-cli-operations

https://docs.okd.io/latest/minishift/getting-started/quickstart.html

https://www.openshift.com/

https://docs.openshift.com/online/architecture/index.html

License: Code is licensed under MIT License.

linkedin github slack

2 TODO Blog: X things I have learned from OpenShift oc command line

2.1 Overview of oc: kubectl, adm, CRD resources, add-on

2.2 log level: show output

2.3 oc ex: preview version

2.4 oc version: get both server and client version