Openshift
What does it mean?
csi Container Storage Interface cri Container Runtime Interface ocp OpenShift Container Platform uWSGI Project aims at developing a full stack for building hosting services.
login
oc login --username developerhttps://openshift:6443
switch user
oc login --username developer
which clusters have you logged into
oc config get-clusters
List projects
oc projects oc get projects
select project
oc project $project
list pods
oc get pods oc get pods --all-namespaces oc get pods -o wide
wide will give you on which node pod is running.
oc get pods -o wide --all-namespaces
get services
oc get svc
get shell on node
oc debug node/infra-2.ocpdev.lkl.ltkalmar.se
Get working env
chroot /host
get nodes
oc get nodes
connect to pod
oc rsh $pod bash
when several pods
oc get pod/router-default-6b76b87c6-5m7h6 -n openshift-ingress -o json | jq -r '.spec.containers[].name' router logs [2021-05-17 15:41:51 user@host:~] oc rsh -c router pod/router-default-6b76b87c6-5m7h6
execute command in pod
oc exec pod/router-default-545ffb97db-4h9rx -- $command
describe pods
oc describe pods oc describe pod stage-sales-62-qjd
To get (almost) all object with a specific label from the current project, execute:
oc get all -l '<label_name>=<label_value>'
logs
oc logs -f router-default-6b76b87c6-4lc4b logs > /tmp/tmp
get config from pod in yaml format
oc get pods router-default-545ffb97db-kgsdb -o yaml
get deployments
oc get deployment
set environment variable in pod
oc set env dc/your-app-name COLOR=blue
unset environment variable in pod
oc set env dc/your-app-name COLOR-
list environment variables
oc set env pod/router-default-545ffb97db-lj2t5 --list
list templates
oc get templates -n openshift
Custom resource definitions.(crd)
oc get crd
sort
CREATED AT
oc get crd --sort-by=.metadata.creationTimestamp
edit
oc edit deployment.apps/router-default
Watch changes taking place.
watch -n1 oc get all
grant permission to project
oc adm policy add-role-to-user view developer -n mysecrets
crictl
List running containers
crictl ps
List all pods
crictl pods
List all images
crictl images
Execute a command in a running container
crictl exec -it 1f73f2d81bf98 /bin/sh
nsenter
run program in different namespaces
which version
oc version
copy files from pod
Copy session keys locally.
oc rsync caas-2-8s6cl:/tmp/sslkeylog .
tcpdump from nodes
ssh $node toolbox
oc get route -A
get routing.
oc describe route sales -n hlt-prod
Name: sales Namespace: hlt-prod Created: 13 months ago Labels: <none> Annotations: haproxy.router.openshift.io/balance=roundrobin haproxy.router.openshift.io/disable_cookies=true Requested Host: sales.prod.bobcat.hlt.se exposed on router default (host apps.ocpprod.lkl.ltkalmar.se) 13 months ago Path: <none> TLS Termination: edge Insecure Policy: <none> Endpoint Port: port-8000-tcp Service: sales Weight: 100 (100%) Endpoints: 10.160.7.166:8000, 10.160.7.167:8000, 10.160.7.168:8000 + 35 more...
oc get pods -o custom-columns=POD:.metadata.name --no-headers --all-namespaces
Only name without headers
get label:s
oc get pods --no-headers --all-namespaces|grep -i running | head -2 | while read namespace pod blabla ; do echo '***' oc label pod/$pod --list=true -n $namespace ; oc label pod/$pod --list=true -n $namespace ; done
get subscriptions
oc get subscriptions -A