copyright | lastupdated | keywords | subcollection | ||
---|---|---|---|---|---|
|
2021-05-05 |
openshift |
openshift |
{:DomainName: data-hd-keyref="APPDomain"} {:DomainName: data-hd-keyref="DomainName"} {:android: data-hd-operatingsystem="android"} {:api: .ph data-hd-interface='api'} {:apikey: data-credential-placeholder='apikey'} {:app_key: data-hd-keyref="app_key"} {:app_name: data-hd-keyref="app_name"} {:app_secret: data-hd-keyref="app_secret"} {:app_url: data-hd-keyref="app_url"} {:authenticated-content: .authenticated-content} {:beta: .beta} {:c#: data-hd-programlang="c#"} {:cli: .ph data-hd-interface='cli'} {:codeblock: .codeblock} {:curl: .ph data-hd-programlang='curl'} {:deprecated: .deprecated} {:dotnet-standard: .ph data-hd-programlang='dotnet-standard'} {:download: .download} {:external: target="_blank" .external} {:faq: data-hd-content-type='faq'} {:fuzzybunny: .ph data-hd-programlang='fuzzybunny'} {:generic: data-hd-operatingsystem="generic"} {:generic: data-hd-programlang="generic"} {:gif: data-image-type='gif'} {:go: .ph data-hd-programlang='go'} {:help: data-hd-content-type='help'} {:hide-dashboard: .hide-dashboard} {:hide-in-docs: .hide-in-docs} {:important: .important} {:ios: data-hd-operatingsystem="ios"} {:java: .ph data-hd-programlang='java'} {:java: data-hd-programlang="java"} {:javascript: .ph data-hd-programlang='javascript'} {:javascript: data-hd-programlang="javascript"} {:new_window: target="_blank"} {:note .note} {:note: .note} {:objectc data-hd-programlang="objectc"} {:org_name: data-hd-keyref="org_name"} {:php: data-hd-programlang="php"} {:pre: .pre} {:preview: .preview} {:python: .ph data-hd-programlang='python'} {:python: data-hd-programlang="python"} {:route: data-hd-keyref="route"} {:row-headers: .row-headers} {:ruby: .ph data-hd-programlang='ruby'} {:ruby: data-hd-programlang="ruby"} {:runtime: architecture="runtime"} {:runtimeIcon: .runtimeIcon} {:runtimeIconList: .runtimeIconList} {:runtimeLink: .runtimeLink} {:runtimeTitle: .runtimeTitle} {:screen: .screen} {:script: data-hd-video='script'} {:service: architecture="service"} {:service_instance_name: data-hd-keyref="service_instance_name"} {:service_name: data-hd-keyref="service_name"} {:shortdesc: .shortdesc} {:space_name: data-hd-keyref="space_name"} {:step: data-tutorial-type='step'} {:subsection: outputclass="subsection"} {:support: data-reuse='support'} {:swift: .ph data-hd-programlang='swift'} {:swift: data-hd-programlang="swift"} {:table: .aria-labeledby="caption"} {:term: .term} {:tip: .tip} {:tooling-url: data-tooling-url-placeholder='tooling-url'} {:troubleshoot: data-hd-content-type='troubleshoot'} {:tsCauses: .tsCauses} {:tsResolve: .tsResolve} {:tsSymptoms: .tsSymptoms} {:tutorial: data-hd-content-type='tutorial'} {:ui: .ph data-hd-interface='ui'} {:unity: .ph data-hd-programlang='unity'} {:url: data-credential-placeholder='url'} {:user_ID: data-hd-keyref="user_ID"} {:vbnet: .ph data-hd-programlang='vb.net'} {:video: .video}
{: #sitemap}
{: #sitemap_getting_started_with_}
Getting started with {{site.data.keyword.openshiftlong_notm}}
-
Creating a classic {{site.data.keyword.openshiftshort}} cluster
-
Deploying an app with the {{site.data.keyword.openshiftshort}} service catalog
{: #sitemap_about}
Benefits and service offerings
- Benefits of using the service
- Comparison between {{site.data.keyword.openshiftshort}} and community Kubernetes clusters
- Comparison between clusters that run in {{site.data.keyword.cloud_notm}} and standard OCP
- Comparison between {{site.data.keyword.openshiftshort}} 3.11 and 4 clusters
Supported infrastructure providers
Architecture and dependencies of the service
- Classic cluster service architecture
- VPC cluster service architecture
- Overview of personal and sensitive data storage and removal options
- Dependencies to other {{site.data.keyword.cloud_notm}} services
- Dependencies to 3rd party services
{: #sitemap_use_cases}
Financial services use cases for {{site.data.keyword.cloud_notm}}
- Mortgage company trims costs and accelerates regulatory compliance
- Payment tech company streamlines developer productivity, deploying AI-enabled tools to their partners 4 times faster
Healthcare use cases for {{site.data.keyword.cloud_notm}}
- Healthcare provider migrates workloads from inefficient VMs to Ops-friendly containers for reporting and patient systems
- Research nonprofit securely hosts sensitive data while it grows research with partners
Retail use cases for {{site.data.keyword.cloud_notm}}
- Brick-and-mortar retailer shares data, by using APIs with global business partners to drive omnichannel sales
- Traditional grocer increases customer traffic and sales with digital insights
Transportation use cases for {{site.data.keyword.cloud_notm}}
- Shipping company increases availability of worldwide systems for business partner ecosystem
- Airline delivers innovative Human Resources (HR) benefits site in under 3 weeks
Government use cases for {{site.data.keyword.cloud_notm}}
- Regional government improves collaboration and velocity with community Developers who combine public-private data
- Large public port secures exchange of port data and shipping manifests that connect public and private organizations
{: #sitemap_learning_paths}
Learning path for administrators
- Plan your environment
- Create a cluster
- Manage the network
- Secure your cluster
- Logging and monitoring
- Add a registry and CI/CD
- Add storage
- Add integrations
- Manage the lifecycle
- Access the cluster
- Plan your deployment
- Develop your app
- Deploy your app
- Test, log, and monitor
- Update your app
- Secure your app
- Expose your app
- Add app storage
- Add integrations
{: #sitemap_cluster_strategy}
Your responsibilities with using {{site.data.keyword.openshiftlong_notm}}
Security for {{site.data.keyword.openshiftlong_notm}}
- Overview of security threats for your cluster
- {{site.data.keyword.openshiftshort}} API server and etcd
- Worker node
- Network
- Persistent storage
- Monitoring and logging
- Container runtime
- Image and registry
- Container isolation and security
- Storing personal information
- Kubernetes security bulletins
Tutorials library for OpenShift{: external}
{: #sitemap_creating__clusters}
Creating {{site.data.keyword.openshiftlong_notm}} clusters
{: #sitemap_creating_an__cluster_in_your_virtual_private_cloud_(vpc)}
Creating an {{site.data.keyword.openshiftshort}} cluster in your Virtual Private Cloud (VPC)
{: #sitemap_developing_in_clusters_with_the_openshift_do_cli}
Developing in clusters with the OpenShift Do CLI
Scalable web application on OpenShift{: external}
OpenShift interactive learning portal{: external}
Katacoda interactive OpenShift tutorials{: external}
IBM Developer OpenShift tutorials{: external}
{: #sitemap_installing_the_cli_and_api}
- Installing the IBM Cloud CLI and plug-ins
- Installing the OpenShift Origin CLI (
oc
) - Updating the CLI
- Installing the
odo
CLI for developers - Uninstalling the CLI
- Using the {{site.data.keyword.cloud-shell_notm}} in your web browser
- About the API
- Automating cluster deployments with the API
- Working with your cluster by using the Kubernetes API
- Refreshing {{site.data.keyword.cloud_notm}} IAM access tokens and obtaining new refresh tokens with the API
- Refreshing {{site.data.keyword.cloud_notm}} IAM access tokens and obtaining new refresh tokens with the CLI
{: #sitemap_setting_up_clusters}
{: #sitemap_planning_your_cluster_environment}
Moving your environment to {{site.data.keyword.openshiftlong_notm}}
- Moving your workloads to the {{site.data.keyword.cloud_notm}}
- Sizing your {{site.data.keyword.openshiftshort}} cluster to support your workload
- Structuring your {{site.data.keyword.openshiftshort}} environment
- Making your resources highly available
Planning your cluster network setup
- Understanding network basics of VPC clusters
- Example scenarios for VPC cluster network setups
- Understanding network basics of classic clusters
- Example scenarios for classic cluster network setups
Planning your cluster for high availability
- Single zone cluster
- Multizone cluster
- Multiple public clusters connected with a global load balancer
Planning your worker node setup
- Available hardware for worker nodes
- Virtual machines
- Physical machines (bare metal)
- Software-defined storage (SDS) machines
- Worker node resource reserves
{: #sitemap_creating_and_accessing_clusters}
Creating {{site.data.keyword.openshiftshort}} clusters
- Sample commands
- Preparing to create clusters at the account level
- Deciding on your cluster setup
- Creating a standard classic cluster
- Creating a standard VPC cluster
- Next steps
Creating {{site.data.keyword.openshiftshort}} clusters in {{site.data.keyword.satelliteshort}}
- Prerequisites
- Creating {{site.data.keyword.openshiftshort}} clusters on {{site.data.keyword.satelliteshort}} from the console
- Creating {{site.data.keyword.openshiftshort}} clusters on {{site.data.keyword.satelliteshort}} from the CLI
- Accessing and working with your {{site.data.keyword.openshiftshort}} clusters
- Setting up the internal container image registry
- Managing {{site.data.keyword.satelliteshort}} worker pools
- Exposing apps
- Storing application data in persistent storage
- Removing {{site.data.keyword.satelliteshort}} worker nodes or clusters
- Limitations for {{site.data.keyword.openshiftshort}} clusters in {{site.data.keyword.satellitelong_notm}}
Accessing {{site.data.keyword.openshiftshort}} clusters
- Prerequisites
- Accessing clusters through the public cloud service endpoint
- Accessing clusters through the private cloud service endpoint
- Accessing {{site.data.keyword.openshiftshort}} clusters on {{site.data.keyword.satelliteshort}}
- Accessing clusters from automation tools by using an API key
- Accessing the cluster master via admission controllers and webhooks
- Setting up access to your cluster
- Understanding access policies and roles
- Setting up the API key to enable access to the infrastructure portfolio and other services
- Setting up the API key in most cases
- Understanding other options than the API key
- Understanding how the API key works
- Ensuring that the API key or infrastructure credentials owner has the correct permissions
- Understanding access to the infrastructure portfolio
- Accessing the infrastructure portfolio with your {{site.data.keyword.cloud_notm}} Pay-As-You-Go or Subscription account
- Accessing a different classic infrastructure account
- Granting users access to your cluster through {{site.data.keyword.cloud_notm}} IAM
- Assigning RBAC permissions
- Customizing classic infrastructure permissions
- Removing user permissions
{: #sitemap_managing_the_cluster_lifecycle}
Adding worker nodes and zones to clusters
- Adding worker nodes by resizing an existing worker pool
- Adding worker nodes in VPC clusters
- Adding worker nodes in classic clusters
- Managing {{site.data.keyword.satelliteshort}} worker pools
- Deprecated: Adding stand-alone worker nodes
- Installing SGX drivers and platform software on SGX-capable worker nodes
- Adding tags to existing clusters
- Adding labels to existing worker pools
- Understanding scale-up and scale-down
- Following scalable deployment practices
- Can I autoscale multiple worker pools at once?
- How can I make sure that the cluster autoscaler responds to what resources my app needs?
- Can I scale down a worker pool to zero (0) nodes?
- Can I optimize my deployments for autoscaling?
- Can I use taints and tolerations with autoscaled worker pools?
- Why are my autoscaled worker pools unbalanced?
- Why can't I resize or rebalance my worker pool?
- Preparing your cluster for autoscaling
- Installing the cluster autoscaler add-on in your cluster
- Installing the cluster autoscaler Helm chart in your cluster
- Updating the cluster autoscaler configmap to enable scaling
- Customizing the cluster autoscaler configuration values
- Deploying apps to your autoscaled worker pools
- Scaling up worker nodes before the worker pool has insufficient resources
- Updating the cluster autoscaler add-on
- Upgrading a cluster autoscaler Helm chart release
- Removing the cluster autoscaler
- Cluster autoscaler add-on parameter reference
- Cluster autoscaler Helm chart parameter reference
Updating clusters, worker nodes, and cluster components
- Updating the master
- Updating classic worker nodes
- Updating VPC worker nodes
- Updating flavors (machine types)
- Updating cluster components
- Updating managed add-ons
- Default worker node settings
- Modifying default worker node settings to optimize performance
- Changing the Calico maximum transmission unit (MTU)
- Disabling the port map plug-in
{: #sitemap_managing_cluster_costs}
Understanding costs for your clusters
Using reservations to reduce classic worker node costs
- Understanding reservations
- Creating a reservation
- Using a reservation in a cluster
- Reviewing reservation usage
{: #sitemap_securing_cluster_workloads}
Protecting sensitive information in your cluster
- Overview of cluster encryption
- Understanding Key Management Service (KMS) providers
- Encrypting the Kubernetes master's local disk and secrets by using a KMS provider
- Verifying secret encryption
- Encrypting data in classic clusters by using IBM Cloud Data Shield (beta)
Configuring security context constraints
- Customizing security context constraints
- Default {{site.data.keyword.openshiftshort}} security context constraints
- Default IBM security context constraints
Setting Kubernetes API priority and fairness
{: #sitemap_securing_the_cluster_network}
{: #sitemap_classic_clusters}
Classic: Opening required ports and IP addresses in your firewall
- Opening ports in a corporate firewall
- Opening ports in gateway appliance firewalls
- Allowing the cluster to access resources through Calico network policies
- Allowing traffic from your cluster in other services' firewalls or in on-premises firewalls
- Updating IAM firewalls for {{site.data.keyword.containershort}} IP addresses
Classic: Restricting network traffic to edge worker nodes
- Isolating networking workloads to edge nodes
- Preventing app workloads from running on edge worker nodes
Classic: Controlling traffic with network policies
- Default Calico network policies
- Installing and configuring the Calico CLI
- Viewing network policies
- Adding network policies
- Controlling inbound traffic to NLB or NodePort services
- Isolating clusters on the public network
- Isolating clusters on the private network
- Controlling traffic between pods
- Logging denied traffic
{: #sitemap_vpc_clusters}
VPC: Controlling traffic with ACLs, security groups, and network policies
- Overview
- Controlling traffic with the default security group
- Controlling traffic with ACLs
- Controlling traffic between pods with Kubernetes policies
VPC: Opening required ports and IP addresses in other network firewalls
- Opening ports in a corporate firewall
- Allowing traffic from your cluster in other services' firewalls or in on-premises firewalls
{: #sitemap_managing_the_cluster_network}
{: #sitemap_classic_clusters_}
Configuring classic subnets and IP addresses
- Overview of classic networking in {{site.data.keyword.openshiftlong_notm}}
- Using existing subnets to create a cluster
- Managing existing portable IP addresses
- Adding portable IP addresses
- Managing subnet routing
- Removing subnets from a cluster
Changing service endpoints or VLAN connections in {{site.data.keyword.openshiftshort}} 3.11
- Setting up the private cloud service endpoint
- Setting up the public cloud service endpoint
- Changing your worker node VLAN connections
Setting up classic VPN connectivity
- Using the strongSwan IPSec VPN service Helm chart
- strongSwan VPN service considerations
- Configuring the strongSwan VPN in a multizone cluster
- Configuring the strongSwan Helm chart
- Step 1: Get the strongSwan Helm chart
- Step 2: Configure basic IPSec settings
- Step 3: Select inbound or outbound VPN connection
- Step 4: Access cluster resources over the VPN connection
- Step 5: Access remote network resources over the VPN connection
- Step 6 (optional): Enable monitoring with the Slack webhook integration
- Step 7: Deploy the Helm chart
- Testing and verifying strongSwan VPN connectivity
- Limiting strongSwan VPN traffic by namespace or worker node
- Upgrading or disabling the strongSwan Helm chart
- Using a Virtual Router Appliance
Adding static routes to worker nodes
{: #sitemap_vpc_clusters_}
- Overview of VPC networking in {{site.data.keyword.openshiftlong_notm}}
- Creating a VPC subnet and attaching a public gateway
- Creating VPC subnets for classic access
Setting up VPC VPN connectivity
- Communication with resources in on-premises data centers
- Communication with resources in other VPCs
- Communication with {{site.data.keyword.cloud_notm}} classic resources
Adding static routes to worker nodes
{: #sitemap_logging_and_monitoring}
- Understanding options for logging
- Forwarding cluster and app logs to {{site.data.keyword.la_full_notm}}
- Using the cluster logging operator
- Understanding options for monitoring
- Forwarding cluster and app metrics to {{site.data.keyword.mon_full_notm}}
- Viewing cluster states
- Disabling remote health reporting
Reviewing service, API server, and worker node logs
{: #sitemap_setting_up_an_image_build_pipeline}
- Choosing an image registry solution
- Storing images in the internal registry
- Setting up a secure external route for the internal registry
- Importing images from {{site.data.keyword.registrylong_notm}} into the internal registry image stream
- Setting up builds in the internal registry to push images to {{site.data.keyword.registrylong_notm}}
- Using {{site.data.keyword.registrylong_notm}}
- Understanding how to authorize your cluster to pull images from a private registry
- Updating existing clusters to use the API key image pull secret
- Using an image pull secret to access images in other {{site.data.keyword.cloud_notm}} accounts or external private registries from non-default {{site.data.keyword.openshiftshort}} projects
- Using the image pull secret to deploy containers
- Setting up a cluster to pull entitled software
- Adding a private registry to the global pull secret
Setting up continuous integration and delivery
{: #sitemap_developing_and_deploying_apps}
- Moving workloads to {{site.data.keyword.openshiftlong_notm}}
- Common app modification scenarios
- Understanding Kubernetes objects for apps
- I thought that I needed to put my app in a container. Now what's all this stuff about pods?
- So if I can just use a pod, why do I need all these different types of objects?
- What type of Kubernetes objects can I make for my app?
- What if I want my app configuration to use variables? How do I add these to the YAML?
- How can I make sure that my app has the right resources?
- How can I add capabilities to my app configuration?
- How can I add IBM services to my app, such as {{site.data.keyword.watson}}?
- Planning highly available deployments
- Versioning and updating apps
- Setting up service discovery
- Securing apps
- Managing access and monitoring app health
- Deploying containers from an existing image stream in the internal registry
- Deploying containers from an {{site.data.keyword.registrylong_notm}} image to the
default
{{site.data.keyword.openshiftshort}} project - Deploying containers from an encrypted image
- Referring to the image pull secret in your pod deployment
- Pushing images to {{site.data.keyword.registrylong_notm}}
- Managing security of images in {{site.data.keyword.registrylong_notm}} with Vulnerability Advisor
- Setting up trusted content for container images
- Enabling image security enforcement in your cluster
Developing apps to run on OpenShift
- Specifying your app requirements in your YAML file
- Basic deployment metadata
- Replica set
- Labels
- Affinity
- Container image
- Port for the app's service
- Resource requests and limits
- Liveness and readiness probes
- Pod Disruption Budget
- Exposing the app service
- Configmaps for container environment variables
- Secrets for container environment variables
- Persistent volumes for container storage
- Complete example deployment YAML
- Packaging apps in version 4 clusters for reuse in multiple environments with Kustomize
Deploying apps in OpenShift clusters
- Moving your apps to {{site.data.keyword.openshiftshort}}
- Deploying apps to specific worker nodes by using labels
- Deploying an app on a GPU machine
- Deploying Cloud Paks, licensed software, and other integrations
- Accessing the {{site.data.keyword.openshiftshort}} web console
Testing access to apps with NodePorts
- Update strategies
- Scaling apps
- Managing rolling deployments to update your apps
- Setting up continuous integration and delivery
- Copying deployments to another cluster
{: #sitemap_exposing_apps}
Choosing an app exposure service
- Understanding options for exposing apps
- Choosing among load balancing solutions
- Planning public external load balancing
- Planning private external load balancing
{: #sitemap_exposing_apps_with_routes}
Exposing apps with routes in {{site.data.keyword.openshiftshort}} 4
- Overview
- Route types and TLS termination
- Setting up public routes
- Setting up private routes
- Moving router services across VLANs in classic clusters
Encrypting routes with keys stored in {{site.data.keyword.hscrypto}}
- Before you begin
- Step 1: Set up default router sharding
- Step 2: Install the {{site.data.keyword.cloud_notm}} HPCS Router operator
- Step 3: Create and integrate a router with {{site.data.keyword.hscrypto}}
- Step 4: Create a route certificate that uses a private key from {{site.data.keyword.hscrypto}}
- Step 5: Create an encrypted route with the certificate
- Version history
Exposing apps with routes in {{site.data.keyword.openshiftshort}} 3.11
- Overview
- Route types and TLS termination
- Setting up public routes
- Setting up private routes
- Moving router services across VLANs
{: #sitemap_exposing_apps_with_load_balancers}
Quick start for load balancers
- Exposing an app by using an NLB in a classic cluster
- Exposing an app by using a VPC load balancer in a VPC cluster
VPC: Exposing apps with load balancers for VPC
- About VPC load balancing in {{site.data.keyword.openshiftlong_notm}}
- Setting up a Network Load Balancer for VPC
- Setting up an Application Load Balancer for VPC
- Limitations
Classic: About network load balancers (NLBs)
- Comparison of basic and DSR load balancing in version 1.0 and 2.0 NLBs
- Components and architecture of an NLB 1.0
- Components and architecture of an NLB 2.0
Classic: Setting up basic load balancing with an NLB 1.0
- Setting up an NLB 1.0 in a multizone cluster
- Setting up an NLB 1.0 in a single-zone cluster
- Enabling source IP preservation
Classic: Setting up DSR load balancing with an NLB 2.0
- Prerequisites
- Setting up an NLB 2.0 in a multizone cluster
- Setting up an NLB 2.0 in a single-zone cluster
- Scheduling algorithms
Classic: Registering a DNS subdomain for an NLB
- Registering NLB IPs with a DNS subdomain
- Understanding the subdomain format
- Enable health checks on a subdomain by creating a health monitor
{: #sitemap_exposing_apps_with_ingress_in_openshift_4}
Quick start for Ingress in {{site.data.keyword.openshiftshort}} 4
About Ingress in {{site.data.keyword.openshiftshort}} 4
- What are the components of Ingress?
- How does a request get to my app in a classic cluster?
- How does a request get to my app in a VPC cluster?
- How can I customize routing?
- How can I enable TLS certificates?
Setting up Ingress in {{site.data.keyword.openshiftshort}} 4
- Prerequisites
- Planning networking for single or multiple projects
- Publicly exposing apps in classic clusters or in VPC clusters with a public cloud service endpoint
- Publicly exposing apps in VPC clusters with a private cloud service endpoint only
- Publicly exposing apps that are outside your cluster
- Privately exposing apps in classic clusters or in VPC clusters with a public cloud service endpoint
- Privately exposing apps in VPC clusters with a private cloud service endpoint only
- Managing TLS certificates and secrets
- Customizing Ingress routing with annotations
{: #sitemap_exposing_apps_with_ingress_in_openshift_3.11}
About Ingress in {{site.data.keyword.openshiftshort}} 3.11
- What are the components of Ingress?
- How does a request get to my app?
- How can I enable TLS certificates?
- How can I customize routing?
- How do I manage the lifecycle of my ALBs?
- Quick start
- Prerequisites
- Planning networking for single or multiple namespaces
- Exposing apps that are inside your cluster to the public
- Exposing apps that are outside your cluster to the public
- Exposing apps to a private network
- Managing TLS certificates and secrets
- Opening non-default ports in the Ingress ALB
- Updating ALBs
- Scaling ALBs
- Moving ALBs across VLANs
- Increasing the restart readiness check time for ALB pods
{{site.data.keyword.openshiftlong_notm}} Ingress annotations
- General annotations
- Connection annotations
- Custom connect-timeouts and read-timeouts (
proxy-connect-timeout
,proxy-read-timeout
) - Keepalive requests (
keepalive-requests
) - Keepalive timeout (
keepalive-timeout
) - Proxy next upstream (
proxy-next-upstream-config
) - Session-affinity with cookies (
sticky-cookie-services
) - Upstream fail timeout (
upstream-fail-timeout
) - Upstream keepalive (
upstream-keepalive
) - Upstream keepalive timeout (
upstream-keepalive-timeout
) - Upstream max fails (
upstream-max-fails
)
- Custom connect-timeouts and read-timeouts (
- HTTPS and TLS/SSL authentication annotations
- Path routing annotations
- Proxy buffer annotations
- Request and response annotations
- Service limit annotations
- User authentication annotations
- Preserving the source IP address
- Configuring SSL protocols and SSL ciphers at the HTTP level
- Sending your custom certificate to legacy clients
- Tuning ALB performance
Logging and monitoring {{site.data.keyword.openshiftlong_notm}} Ingress
- Viewing Ingress logs
- Customizing Ingress log content and format
- Monitoring the Ingress ALB
- Increasing the shared memory zone size for Ingress metrics collection
Bringing your own Ingress controller
{: #sitemap_exposing_apps_in__clusters}
Exposing apps in {{site.data.keyword.satelliteshort}} clusters
-
Exposing apps with {{site.data.keyword.openshiftshort}} routes
-
Setting up a third-party load balancer in front of the {{site.data.keyword.openshiftshort}} router
-
Exposing apps with routes and Link endpoints for traffic from {{site.data.keyword.cloud_notm}}
{: #sitemap_storing_data_on_persistent_storage}
Planning highly available persistent storage
- Choosing a storage solution
- Comparison of non-persistent storage options
- Comparison of persistent storage options for single zone clusters
- Comparison of persistent storage options for multizone clusters
Understanding Kubernetes storage basics
- Persistent volumes and persistent volume claims
- Dynamic provisioning
- Static provisioning
- Storage classes
Storing data on classic IBM Cloud {{site.data.keyword.filestorage_short}}
- Quickstart for {{site.data.keyword.cloud_notm}} {{site.data.keyword.filestorage_short}}
- Deciding on the {{site.data.keyword.filestorage_short}} configuration
- Adding {{site.data.keyword.filestorage_short}} to apps
- Using existing {{site.data.keyword.filestorage_short}} in your cluster
- Using {{site.data.keyword.filestorage_short}} in a stateful set
- Changing the size and IOPS of your existing storage device
- Changing the default NFS version
- Backing up and restoring data
- Storage class reference
- Sample customized storage classes
- Removing persistent storage from a cluster
Storing data on classic IBM Cloud {{site.data.keyword.blockstorageshort}}
- Quickstart for {{site.data.keyword.cloud_notm}} {{site.data.keyword.blockstorageshort}}
- Deciding on the block storage configuration
- Setting up encryption for {{site.data.keyword.blockstorageshort}}
- Adding block storage to apps
- Using existing block storage in your cluster
- Using block storage in a stateful set
- Changing the size and IOPS of your existing storage device
- Backing up and restoring data
- Storage class reference
- Sample customized storage classes
- Removing persistent storage from a cluster
Storing data on {{site.data.keyword.block_storage_is_short}}
- Quickstart for {{site.data.keyword.cloud_notm}} {{site.data.keyword.block_storage_is_short}}
- Adding {{site.data.keyword.block_storage_is_short}} to your apps
- Using an existing {{site.data.keyword.block_storage_is_short}} instance
- Updating the {{site.data.keyword.block_storage_is_short}} add-on
- Setting up encryption for {{site.data.keyword.block_storage_is_short}}
- Customizing the default storage settings
- Creating a custom storage class
- Verifying your {{site.data.keyword.block_storage_is_short}} file system
- Storing your custom PVC settings in a Kubernetes secret
- Enabling every user to customize the default PVC settings
- Enforcing base64 encoding for the {{site.data.keyword.keymanagementserviceshort}} root key CRN
- Backing up and restoring data
- Storage class reference
- Removing persistent storage from a cluster
Storing data on IBM Cloud Object Storage
- Creating your object storage service instance
- Creating {{site.data.keyword.cos_full_notm}} service credentials
- Creating a secret for the object storage service credentials
- Installing the IBM Cloud Object Storage plug-in
- Deciding on the object storage configuration
- VPC: Setting up authorized IP addresses for {{site.data.keyword.cos_full_notm}}
- Adding object storage to apps
- Using object storage in a stateful set
- Backing up and restoring data
- Adding your {{site.data.keyword.cos_full_notm}} credentials to the default storage classes
- Storage class reference
- Limitations
Storing data on software-defined storage (SDS) with Portworx
- About Portworx
- What is software-defined storage (SDS)?
- How does Portworx work?
- What worker node flavor in {{site.data.keyword.openshiftlong_notm}} is the right one for Portworx?
- What if I want to run Portworx in a classic cluster with non-SDS worker nodes?
- How can I make sure that my data is stored highly available?
- What volume topology offers the best performance for my pods?
- What's next?
- Planning your Portworx setup
- Creating raw, unformatted, and unmounted block storage for VPC and non-SDS classic worker nodes
- Setting up a key-value store for Portworx metadata
- Optional: Setting up volume encryption
- Installing Portworx in your cluster
- Creating a Portworx volume
- Mounting the volume to your app
- Setting up disaster recovery with Portworx
- Exploring other Portworx features
- Cleaning up your Portworx volumes and cluster
- Getting help and support
- Limitations
{: #sitemap_preparing_your_cluster_for_openshift_container_storage}
Preparing your cluster for OpenShift Container Storage
{: #sitemap_installing_openshift_container_storage_in_your_cluster}
Installing OpenShift Container Storage in your cluster
{: #sitemap_setting_up_your_storage_cluster}
Setting up your storage cluster
-
Add-on for VPC clusters: Creating your OCS storage cluster CRD
-
Add-on for classic clusters: Creating your OCS storage cluster CRD
-
Operator: Creating an OCS storage cluster in the web console
{: #sitemap_deploying_an_app_that_uses_openshift_container_storage}
Deploying an app that uses OpenShift Container Storage
{: #sitemap_managing_your_openshift_container_storage_deployment}
Managing your OpenShift Container Storage deployment
{: #sitemap_storage_class_reference}
{: #sitemap_storing_data_on__for_unmanaged_clusters}
Storing data on {{site.data.keyword.block_storage_is_short}} for unmanaged clusters
-
Creating the {{site.data.keyword.block_storage_is_short}} driver deployment
-
Deploying a stateful set that uses {{site.data.keyword.block_storage_is_short}}
-
Removing the {{site.data.keyword.block_storage_is_short}} driver
{: #sitemap_backing_up_and_restoring_storage_data}
Backing up and restoring storage data
{: #sitemap_ibm_cloud_storage_utilities}
-
Classic: Installing the IBM Cloud Block Storage Attacher plug-in (beta)
-
Classic: Manually adding block storage to specific worker nodes
-
Classic: Attaching raw block storage to non-SDS worker nodes
-
VPC: Adding raw {{site.data.keyword.blockstorageshort}} to VPC worker nodes by using the API
-
VPC: Attaching raw {{site.data.keyword.blockstorageshort}} to VPC worker nodes by using the CLI
-
Setting up {{site.data.keyword.mon_full_notm}} for storage volumes
{: #sitemap_enhancing_your_cluster_with_cloud_paks,_operators,_and_integrations}
{{site.data.keyword.openshiftlong_notm}} partners
IBM Cloud services and third-party integrations
- Overview of Cloud Pak offerings
- Adding IBM Cloud Paks
- Assigning a Cloud Pak entitlement to your {{site.data.keyword.cloud_notm}} account
- FAQs for Cloud Pak on {{site.data.keyword.openshiftlong_notm}}
Adding services by using Operators
- Using Operators in version 4 clusters
- Disabling and mirroring OperatorHub catalog source images
- Using Operators in 3.11 clusters
- Using the service catalog in 3.11 clusters
Adding services by using managed add-ons
- Adding managed add-ons
- Updating managed add-ons
- Reviewing add-on states and statuses
- Supported add-ons for clusters in {{site.data.keyword.satelliteshort}} locations
Adding services by using Helm charts
Adding services by using IBM Cloud service binding
- Adding IBM Cloud services to clusters
- Accessing service credentials from your apps
- Removing a service from a cluster
{: #sitemap_understanding_high_availability_and_disaster_recovery_for_}
Understanding high availability and disaster recovery for {{site.data.keyword.openshiftlong_notm}}
{: #sitemap_api_reference}
IBM Cloud Kubernetes Service API{: external}
IBM Cloud Kubernetes Service API JSON{: external}
OpenShift Container Platform REST API{: external}
{: #sitemap_cli_plug-in_reference}
{{site.data.keyword.openshiftlong_notm}} CLI
cluster
commandsibmcloud oc cluster addon disable
ibmcloud oc cluster addon enable
ibmcloud oc cluster addon ls
ibmcloud oc cluster ca create
ibmcloud oc cluster ca rotate
ibmcloud oc cluster ca status
ibmcloud oc cluster config
ibmcloud oc cluster create classic
ibmcloud oc cluster create vpc-gen2
ibmcloud oc cluster get
ibmcloud oc cluster image-security disable
ibmcloud oc cluster image-security enable
ibmcloud oc cluster ls
ibmcloud oc cluster master private-service-endpoint allowlist
ibmcloud oc cluster master private-service-endpoint enable
ibmcloud oc cluster master public-service-endpoint enable
ibmcloud oc cluster master refresh
ibmcloud oc cluster master update
ibmcloud oc cluster pull-secret apply
ibmcloud oc cluster rm
ibmcloud oc cluster service bind
ibmcloud oc cluster service ls
ibmcloud oc cluster service unbind
ibmcloud oc cluster subnet add
ibmcloud oc cluster subnet create
ibmcloud oc cluster subnet detach
- Deprecated:
ibmcloud oc cluster user-subnet add
- Deprecated:
ibmcloud oc cluster user-subnet rm
worker
commandsworker-pool
commandsibmcloud oc worker-pool create classic
ibmcloud oc worker-pool create vpc-gen2
ibmcloud oc worker-pool get
ibmcloud oc worker-pool label rm
ibmcloud oc worker-pool label set
ibmcloud oc worker-pool ls
ibmcloud oc worker-pool rebalance
ibmcloud oc worker-pool resize
ibmcloud oc worker-pool rm
ibmcloud oc worker-pool taint
ibmcloud oc worker-pool zones
zone
commandsingress
commandsibmcloud oc ingress alb autoupdate disable
ibmcloud oc ingress alb autoupdate enable
ibmcloud oc ingress alb autoupdate get
ibmcloud oc ingress alb create classic
ibmcloud oc ingress alb disable
ibmcloud oc ingress alb enable classic
ibmcloud oc ingress alb get
ibmcloud oc ingress alb ls
- Beta:
ibmcloud oc ingress alb migrate clean
- Beta:
ibmcloud oc ingress alb migrate start
- Beta:
ibmcloud oc ingress alb migrate status
ibmcloud oc ingress alb update
ibmcloud oc ingress alb versions
- Beta:
ibmcloud oc ingress lb get
- Beta:
ibmcloud oc ingress lb proxy-protocol disable
- Beta:
ibmcloud oc ingress lb proxy-protocol enable
- Beta:
ibmcloud oc ingress secret create
- Beta:
ibmcloud oc ingress secret get
- Beta:
ibmcloud oc ingress secret ls
- Beta:
ibmcloud oc ingress secret rm
- Beta:
ibmcloud oc ingress secret update
ibmcloud oc ingress status
logging
commandsibmcloud oc logging autoupdate disable
ibmcloud oc logging autoupdate enable
ibmcloud oc logging autoupdate get
ibmcloud oc logging collect
ibmcloud oc logging collect-status
ibmcloud oc logging config create
ibmcloud oc logging config get
ibmcloud oc logging config rm
ibmcloud oc logging config update
ibmcloud oc logging filter create
ibmcloud oc logging filter get
ibmcloud oc logging filter rm
ibmcloud oc logging filter update
ibmcloud oc logging refresh
nlb-dns
commandsibmcloud oc nlb-dns add
ibmcloud oc nlb-dns create classic
ibmcloud oc nlb-dns create vpc-gen2
ibmcloud oc nlb-dns ls
ibmcloud oc nlb-dns monitor configure
ibmcloud oc nlb-dns monitor disable
ibmcloud oc nlb-dns monitor enable
ibmcloud oc nlb-dns monitor get
ibmcloud oc nlb-dns monitor ls
ibmcloud oc nlb-dns monitor status
ibmcloud oc nlb-dns replace
ibmcloud oc nlb-dns rm classic
ibmcloud oc nlb-dns rm vpc-gen2
- Experimental:
ibmcloud oc nlb-dns secret regenerate
- Experimental:
ibmcloud oc nlb-dns secret rm
webhook-create
commandapi-key
commandscredential
commandsinfra-permissions
commandskms
commandsquota
commandssubnets
commandvlan
commandsvpcs
commandaddon-versions
commandflavors
commandmessages
command- locations command
versions
commandapi
commandinit
commandscript
commands- Beta:
storage
commands - Beta: {{site.data.keyword.satelliteshort}} commands
{: #sitemap_version_history}
Version information and update actions
- Update types
- {{site.data.keyword.openshiftshort}} versions
- Release history
- {{site.data.keyword.openshiftshort}} 4.6
- {{site.data.keyword.openshiftshort}} 4.5
- Deprecated: {{site.data.keyword.openshiftshort}} 4.4
- Archive
- Version 4.6 changelog
- Changelog for master fix pack 4.6.23_1540_openshift, released 27 April 2021
- Changelog for worker node fix pack 4.6.25_1541_openshift, released 26 April 2021
- Changelog for worker node fix pack 4.6.23_1539_openshift, released 12 April 2021
- Changelog for master fix pack 4.6.22_1538_openshift, released 2 April 2021
- Changelog for master fix pack 4.6.21_1535_openshift, released 30 March 2021
- Changelog for worker node fix pack 4.6.22_1536_openshift, released 29 March 2021
- Changelog for worker node fix pack 4.6.20_1534_openshift, released 12 March 2021
- Changelog for worker node fix pack 4.6.18_1533_openshift, released 1 March 2021
- Changelog for master fix pack 4.6.17_1533_openshift, released 27 February 2021
- Changelog for master fix pack 4.6.16_1532_openshift, released 22 February 2021
- Changelog for 4.6.16_1530_openshift (master) and 4.6.16_1529_openshift (worker node), released 17 February 2020
- Version 4.5 changelog
- Changelog for master fix pack 4.5.37_1536_openshift, released 27 April 2021
- Changelog for worker node fix pack 4.5.37_1537_openshift, released 26 April 2021
- Changelog for worker node fix pack 4.5.35_1535_openshift, released 12 April 2021
- Changelog for master fix pack 4.5.35_1533_openshift, released 30 March 2021
- Changelog for worker node fix pack 4.5.35_1534_openshift, released 29 March 2021
- Changelog for worker node fix pack 4.5.33_1532_openshift, released 12 March 2021
- Changelog for worker node fix pack 4.5.31_1531_openshift, released 1 March 2021
- Changelog for master fix pack 4.5.31_1531_openshift, released 27 February 2021
- Changelog for master fix pack 4.5.31_1530_openshift, released 22 February 2021
- Changelog for worker node fix pack 4.5.31_1529_openshift, released 15 February 2021
- Changelog for worker node fix pack 4.5.28_1528_openshift, released 1 February 2021
- Changelog for master fix pack 4.5.24_1527_openshift, released 19 January 2021
- Changelog for worker node fix pack 4.5.24_1526_openshift, released 18 January 2021
- Changelog for master fix pack 4.5.24_1525_openshift, released 6 January 2021
- Changelog for worker node fix pack 4.5.22_1524_openshift, released 21 December 2020
- Changelog for master fix pack 4.5.18_1523_openshift, released 14 December 2020
- Changelog for worker node fix pack 4.5.21_1522_openshift, released 7 December 2020
- Changelog for worker node fix pack 4.5.19_1521_openshift, released 23 November 2020
- Changelog for master fix pack 4.5.18_1521_openshift, released 16 November 2020
- Changelog for worker node fix pack 4.5.17_1519_openshift, released 9 November 2020
- Changelog for worker node fix pack 4.5.15_1518_openshift, released 26 October 2020
- Changelog for master fix pack 4.5.15_1518_openshift, released 26 October 2020
- Changelog for 4.5.13_1515_openshift, released 13 October 2020
- Deprecated: Version 4.4 changelog
- Changelog for master fix pack 4.4.33_1539_openshift, released 27 April 2021
- Changelog for worker node fix pack 4.4.33_1540_openshift, released 26 April 2021
- Changelog for worker node fix pack 4.4.33_1538_openshift, released 12 April 2021
- Changelog for master fix pack 4.4.33_1536_openshift, released 30 March 2021
- Changelog for worker node fix pack 4.4.33_1537_openshift, released 29 March 2021
- Changelog for worker node fix pack 4.4.33_1535_openshift, released 12 March 2021
- Changelog for worker node fix pack 4.4.33_1534_openshift, released 1 March 2021
- Changelog for master fix pack 4.4.33_1534_openshift, released 22 February 2021
- Changelog for worker node fix pack 4.4.33_1533_openshift, released 15 February 2021
- Changelog for worker node fix pack 4.4.31_1532_openshift, released 1 February 2021
- Changelog for master fix pack 4.4.31_1531_openshift, released 19 January 2021
- Changelog for worker node fix pack 4.4.31_1530_openshift, released 18 January 2021
- Changelog for master fix pack 4.4.31_1529_openshift, released 6 January 2021
- Changelog for worker node fix pack 4.4.31_1528_openshift, released 21 December 2020
- Changelog for master fix pack 4.4.29_1527_openshift, released 14 December 2020
- Changelog for worker node fix pack 4.4.31_1526_openshift, released 7 December 2020
- Changelog for worker node fix pack 4.4.30_1525_openshift, released 23 November 2020
- Changelog for master fix pack 4.4.29_1525_openshift, released 16 November 2020
- Changelog for worker node fix pack 4.4.29_1524_openshift, released 9 November 2020
- Changelog for worker node fix pack 4.4.27_1523_openshift, released 26 October 2020
- Changelog for master fix pack 4.4.27_1523_openshift, released 26 October 2020
- Changelog for worker node fix pack 4.4.26_1521_openshift, released 12 October 2020
- Changelog for worker node fix pack 4.4.23_1520_openshift, released 30 September 2020
- Changelog for worker node fix pack 4.4.23_1519_openshift, released 28 September 2020
- Changelog for master fix pack 4.4.20_1518_openshift, released 21 September 2020
- Changelog for worker node fix pack 4.4.20_1517_openshift, released 14 September 2020
- Changelog for worker node fix pack 4.4.18_1516_openshift, released 31 August 2020
- Changelog for master fix pack 4.4.17_1515_openshift, released 21 August 2020
- Changelog for master fix pack 4.4.16_1513_openshift, released 18 August 2020
- Changelog for worker node fix pack 4.4.16_1513_openshift, released 17 August 2020
- Changelog for worker node fix pack 4.4.14_1512_openshift, released 3 August 2020
- Changelog for 4.4.11_1511_openshift, released 21 July 2020
- Deprecated: Version 3.11 changelog
- Changelog for master fix pack 3.11.420_1586_openshift, released 27 April 2021
- Changelog for worker node fix pack 3.11.420_1587_openshift, released 26 April 2021
- Changelog for worker node fix pack 3.11.404_1585_openshift, released 12 April 2021
- Changelog for master fix pack 3.11.394_1583_openshift, released 30 March 2021
- Changelog for worker node fix pack 3.11.404_1584_openshift, released 29 March 2021
- Changelog for worker node fix pack 3.11.394_1582_openshift, released 12 March 2021
- Changelog for worker node fix pack 3.11.380_1581_openshift, released 1 March 2021
- Changelog for master fix pack 3.11.380_1581_openshift, released 22 February 2021
- Changelog for worker node fix pack 3.11.380_1580_openshift, released 15 February 2021
- Changelog for worker node fix pack 3.11.374_1579_openshift, released 1 February 2021
- Changelog for master fix pack 3.11.346_1578_openshift, released 19 January 2021
- Changelog for worker node fix pack 3.11.346_1578_openshift, released 18 January 2021
- Changelog for master fix pack 3.11.346_1577_openshift, released 6 January 2021
- Changelog for worker node fix pack 3.11.346_1576_openshift, released 21 December 2020
- Changelog for master fix pack 3.11.318_1575_openshift, released 14 December 2020
- Changelog for worker node fix pack 3.11.318_1574_openshift, released 7 December 2020
- Changelog for worker node fix pack 3.11.318_1573_openshift, released 23 November 2020
- Changelog for master fix pack 3.11.306_1573_openshift, released 16 November 2020
- Changelog for worker node fix pack 3.11.306_1572_openshift, released 9 November 2020
- Changelog for worker node fix pack 3.11.306_1571_openshift, released 26 October 2020
- Changelog for master fix pack 3.11.286_1571_openshift, released 26 October 2020
- Changelog for worker node fix pack 3.11.286_1570_openshift, released 12 October 2020
- Changelog for worker node fix pack 3.11.286_1569_openshift, released 30 September 2020
- Changelog for worker node fix pack 3.11.286_1568_openshift, released 28 September 2020
- Changelog for master fix pack 3.11.272_1567_openshift, released 21 September 2020
- Changelog for worker node fix pack 3.11.272_1566_openshift, released 14 September 2020
- Changelog for worker node fix pack 3.11.272_1565_openshift, released 31 August 2020
- Changelog for master fix pack 3.11.248_1564_openshift, released 18 August 2020
- Changelog for worker node fix pack 3.11.248_1564_openshift, released 17 August 2020
- Changelog for worker node fix pack 3.11.248_1561_openshift, released 3 August 2020
- Changelog for master fix pack 3.11.232_1560_openshift, released 24 July 2020
- Changelog for master fix pack 3.11.232_1559_openshift, released 20 July 2020
- Changelog for worker node fix pack 3.11.232_1558_openshift, released 20 July 2020
- Changelog for worker node fix pack 3.11.232_1555_openshift, released 6 July 2020
- Changelog for master fix pack 3.11.219_1554_openshift and worker node fix pack 3.11.232_1554_openshift, released 22 June 2020
- Changelog for worker node fix pack 3.11.219_1552_openshift, released 8 June 2020
- Changelog for 3.11.216_1551_openshift, released 26 May 2020
- Changelog for worker node fix pack 3.11.216_1550_openshift, released 11 May 2020
- Changelog for worker node fix pack 3.11.200_1549_openshift, released 27 April 2020
- Changelog for master fix pack 3.11.200_1548_openshift, released 23 April 2020
- Changelog for worker node fix pack 3.11.200_1546_openshift, released 13 April 2020
- Changelog for worker node fix pack 3.11.188_1545_openshift, released 30 March 2020
- Changelog for 3.11.170_1544_openshift, released 16 March 2020
- Changelog for worker node fix pack 3.11.170_1543_openshift, released 17 February 2020
- Changelog for master fix pack 3.11.161_1542_openshift, released 18 February 2020
- Changelog for worker node fix pack 3.11.161_1542_openshift, released 17 February 2020
- Changelog for worker node fix pack 3.11.161_1540_openshift, released 3 February 2020
- Changelog for master fix pack 3.11.161_1539_openshift, released 3 February 2020
- Changelog for 3.11.161_1538_openshift, released 20 January 2020
- Changelog for worker node fix pack 3.11.157_1537_openshift, released 23 December 2019
- Changelog for master fix pack 3.11.154_1536_openshift, released 17 December 2019
- Changelog for worker node fix pack 3.11.154_1534_openshift, released 9 December 2019
- Changelog for worker node fix pack 3.11.154_1533_openshift, released 25 November 2019
- Changelog for master fix pack 3.11.154_1533_openshift, released 21 November 2019
- Changelog for worker node fix pack 3.11.153_1530_openshift, released 11 November 2019
- Changelog for worker node fix pack 3.11.153_1529_openshift, released 28 October 2019
- Changelog for master fix pack 3.11.146_1528_openshift, released 22 October 2019
- Changelog for worker node fix pack 3.11.146_1527_openshift, released 14 October 2019
- Changelog for master fix pack 3.11.146_1526_openshift, released 4 October 2019
- Changelog for 3.11.146_1525_openshift, released 3 October 2019
- Changelog for 3.11.141_1524_openshift, released 16 September 2019
- Changelog for worker node fix pack 3.11.135_1523_openshift, released 3 September 2019
- Changelog for master fix pack 3.11.135_1522_openshift, released 28 August 2019
- Changelog for worker node fix pack 3.11.135_1521_openshift, released 19 August 2019
- Changelog for master fix pack 3.11.135_1521_openshift, released 17 August 2019
- Changelog for master fix pack 3.11.135_1520_openshift, released 15 August 2019
- Changelog for worker node patch 3.11.129_1518_openshift, released 5 August 2019
- Changelog for 3.11.129_1517_openshift, released 2 August 2019
- Using the benchmark
- Running the worker node CIS Kubernetes benchmark
- Benchmark 1.5 results for {{site.data.keyword.openshiftshort}} version 4.6
Cluster autoscaler add-on changelog
{{site.data.keyword.block_storage_is_short}} add-on changelog
Back up and restore Helm chart
{{site.data.keyword.cloud_notm}} HPCS Router add-on changelog
{{site.data.keyword.cloud_notm}} Image Key Synchronizer add-on changelog
Archived {{site.data.keyword.openshiftshort}} version changelogs
- Version 4.3 changelog (unsupported as of 7 March 2021)
- Changelog for worker node fix pack 4.3.40_1555_openshift, released 1 March 2021
- Changelog for master fix pack 4.3.40_1555_openshift, released 22 February 2021
- Changelog for worker node fix pack 4.3.40_1554_openshift, released 15 February 2021
- Changelog for worker node fix pack 4.3.40_1553_openshift, released 1 February 2021
- Changelog for master fix pack 4.3.40_1552_openshift, released 19 January 2021
- Changelog for worker node fix pack 4.3.40_1551_openshift, released 18 January 2021
- Changelog for master fix pack 4.3.40_1550_openshift, released 6 January 2021
- Changelog for worker node fix pack 4.3.40_1549_openshift, released 21 December 2020
- Changelog for master fix pack 4.3.40_1548_openshift, released 14 December 2020
- Changelog for worker node fix pack 4.3.40_1547_openshift, released 7 December 2020
- Changelog for worker node fix pack 4.3.40_1546_openshift, released 23 November 2020
- Changelog for master fix pack 4.3.40_1546_openshift, released 16 November 2020
- Changelog for worker node fix pack 4.3.40_1545_openshift, released 9 November 2020
- Changelog for worker node fix pack 4.3.40_1544_openshift, released 26 October 2020
- Changelog for master fix pack 4.3.38_1544_openshift, released 26 October 2020
- Changelog for worker node fix pack 4.3.38_1542_openshift, released 12 October 2020
- Changelog for worker node fix pack 4.3.38_1541_openshift, released 30 September 2020
- Changelog for worker node fix pack 4.3.38_1540_openshift, released 28 September 2020
- Changelog for master fix pack 4.3.35_1539_openshift, released 21 September 2020
- Changelog for worker node fix pack 4.3.35_1538_openshift, released 14 September 2020
- Changelog for worker node fix pack 4.3.33_1537_openshift, released 31 August 2020
- Changelog for master fix pack 4.3.31_1536_openshift, released 21 August 2020
- Changelog for master fix pack 4.3.31_1534_openshift, released 18 August 2020
- Changelog for worker node fix pack 4.3.31_1534_openshift, released 17 August 2020
- Changelog for worker node fix pack 4.3.29_1533_openshift, released 3 August 2020
- Changelog for master fix pack 4.3.28_1532_openshift, released 20 July 2020
- Changelog for worker node fix pack 4.3.29_1532_openshift, released 20 July 2020
- Changelog for worker node fix pack 4.3.27_1528_openshift, released 6 July 2020
- Changelog for master fix pack 4.3.23_1527_openshift and worker node fix pack 4.3.25_1527_openshift, released 22 June 2020
- Changelog for master fix pack 4.3.23_1525_openshift, released 16 June 2020
- Changelog for worker node fix pack 4.3.23_1524_openshift, released 8 June 2020
- Changelog for worker node fix pack 4.3.21_1523_openshift, released 26 May 2020
- Changelog for master fix pack 4.3.19_1523_openshift, released 26 May 2020
- Changelog for master fix pack 4.3.18_1522_openshift, released 12 May 2020
- Changelog for worker node fix pack 4.3.14_1522_openshift, released 11 May 2020
- Changelog for worker node fix pack 4.3.13_1521_openshift, released 27 April 2020
- Changelog for master fix pack 4.3.12_1520_openshift and worker node fix pack 4.3.10_1518_openshift, released 20 April 2020
{: #sitemap_iam_and_activity_tracker_events}
- Permissions to create a cluster
- {{site.data.keyword.cloud_notm}} IAM platform access roles
- {{site.data.keyword.cloud_notm}} IAM service access roles
- Kubernetes resource permissions per RBAC role
- {{site.data.keyword.cloud_notm}} IAM issuer details for RBAC users
- Cloud Foundry roles
- Classic infrastructure roles
{{site.data.keyword.at_full_notm}} events
- Cluster events
- Cluster account events
- Cluster add-on events
- Fluentd logging events
- Ingress ALB events
- Ingress secret events
- Observability events for logging and monitoring
- NLB DNS events
- Private service endpoint allowlist events
- {{site.data.keyword.satelliteshort}} events
- Storage events
- Worker node and worker pool events
- Viewing your cluster events
IAM and {{site.data.keyword.cloudaccesstrailshort}} action by API method
- Account
- Cluster
- Ingress
- Ingress ALB
- Fluentd logging
- NLB DNS
- Observability: {{site.data.keyword.la_short}}
- Observability: {{site.data.keyword.mon_short}}
- Private service endpoint allowlist
- Satellite
- Storage
- Worker nodes and worker pools
{: #sitemap_locations}
{: #sitemap_supported_ibm_cloud_and_third-party_integrations}
Supported IBM Cloud and third-party integrations
{: #sitemap_default_service_settings_for__components}
Default service settings for {{site.data.keyword.openshiftshort}} components
{: #sitemap_related_links}
OpenShift Container Platform documentation{: external}
IBM Developer: Red Hat OpenShift on IBM Cloud{: external}
{: #sitemap_faqs}
-
Does the service come with a managed {{site.data.keyword.openshiftshort}} master and worker nodes?
-
Where can I find a list of security bulletins that affect my cluster?
-
Does IBM support third-party and open source tools that I use with my cluster?
-
What am I charged for? Can I estimate and control costs in my cluster?
{: #sitemap_troubleshooting_clusters}
- Running tests with the Diagnostics and Debug Tool
- Debugging clusters
- Reviewing master health
- Debugging {{site.data.keyword.openshiftshort}} web console, OperatorHub, internal registry, and other components
- Common CLI issues
- Unable to create or delete worker nodes or clusters
- Unable to create a cluster in the console due to
No VPC is available
error - Cluster create error about cloud object storage bucket
- Cluster create error cannot pull images from {{site.data.keyword.registrylong_notm}}
- Cluster cannot update because of broken webhook
- Portieris cluster image security enforcement installation is canceled
- Cluster remains in a pending State
- Unable to view or work with a cluster
- No resources found
- VPN server error due to infrastructure credentials
- Debugging worker nodes
- Common issues with worker nodes
- Using the Kubernetes API to debug worker nodes
- Unable to create or delete worker nodes or clusters
- Cannot add worker nodes due to an invalid VLAN ID
- Replacing a worker node does not create a worker node
- Accessing your worker node with SSH fails
- Bare metal instance ID is inconsistent with worker records
- After a worker node updates or reloads, duplicate nodes and pods appear
- After deleting all worker nodes, several pods do not start on new worker nodes
- Accessing a pod on a new worker node fails with a timeout
- Debugging the cluster autoscaler
- Cluster autoscaler add-on deployment fails and the
ibm-iks-cluster-autoscaler
pod is stuck in theInit
state
- Missing the public
containers.appdomain.cloud
subdomain - Cannot establish VPN connectivity with the strongSwan Helm chart
- Cannot install a new strongSwan Helm chart release
- strongSwan VPN connectivity fails after you add or delete worker nodes
- Debugging app deployments
- Build error due to image pull authentication
- Cannot push or pull images from local machine to Docker registry
- Time out when pushing to the internal registry
- Cannot push images to the internal registry from outside the VPC network
- Pod cannot complete operation with a permission denied error because of SCC
- Failed to pull image from registry with
ImagePullBackOff
or authorization errors - Containers do not start
- Pods remain in pending state
- Pods in
CrashLoopBackOff
status - Pods repeatedly fail to restart or are unexpectedly removed
- Binding a service to a cluster results in service not found error
- Binding a service to a cluster results in service does not support service keys error
- Cannot install a Helm chart with updated configuration values
- Classic clusters: Cannot connect to an app via a network load balancer (NLB) service
- Classic clusters: Cannot deploy a load balancer
- Classic clusters: Source IP preservation fails when using tainted nodes
- VPC clusters: Cannot connect to an app via load balancer
- VPC clusters: Kubernetes
LoadBalancer
service fails because no IPs are available - Classic clusters: OpenVPN server error due to ingress IP address for NLB
- OpenVPN server error due to NLB DNS
- Checking the status of Ingress components
- No Ingress subdomain exists after cluster creation
- No Ingress secret exists after cluster creation
- Cannot connect to an app via Ingress
- Version 4: Debugging Ingress
- Version 4: VPC load balancer for router only routes to one zone
- Version 4: Router for Ingress controller does not deploy in a zone
- Version 4: VPC load balancer health status failures
- Version 3.11: Debugging Ingress
- Step 1: Check your app deployment
- Step 2: Run Ingress tests in the Diagnostics and Debug Tool
- Step 3: Check for error messages in your Ingress deployment and the ALB pod logs
- Step 4: Ping the ALB subdomain and public IP addresses
- Step 5: Check your domain mappings and Ingress resource configuration
- Removing an ALB from DNS for debugging
- Version 3.11: Ingress application load balancer (ALB) secret issues
- Version 3.11: ALB pods do not deploy to worker nodes
- 3.11 clusters: ALB does not deploy in a zone
- Version 3.11: Ingress ALB cannot be enabled due to subnet errors
- Version 3.11: Source IP preservation fails when using tainted nodes
- No Ingress subdomain exists after you create clusters of the same or similar name
- Ingress secret expiration date is not updated
- Connection via WebSocket closes after 60 seconds
- Debugging persistent storage failures
- File storage and block storage: PVC remains in a pending state
- File storage: App cannot access or write to PVC
- Block Storage: App cannot access or write to PVC
- Block storage: Installing the Block storage plug-in Helm chart gives CPU throttling warnings
- Object storage: Installing the Object storage
ibmc
Helm plug-in fails - Object storage: Installing the Object storage plug-in fails
- Object storage: PVC remains in a pending state
- Object storage: Changing the ownership of the mount path fails
- Object storage: Accessing files with a non-root user fails
- Object Storage: App pod fails because of an
Operation not permitted
error - Object Storage: Transport endpoint is not connected
- PVC creation fails because of missing permissions
- Portworx: Debugging your Portworx installation
- Portworx: Encryption set up fails due to invalid KMS endpoint
- OpenShift Container Storage
- Feedback, questions, and support
- General ways to resolve cluster issues
- Reviewing issues and status
- Feedback and questions
- Contacting support
{: #sitemap_release_notes}
{: #sitemap_service_limitations}