Openshift: Difference between revisions

From Halfface
Jump to navigation Jump to search
Line 159: Line 159:
=get subscriptions=
=get subscriptions=
  oc get subscriptions -A
  oc get subscriptions -A
=oc whoami=
=whoami=
  who am i
oc whoami
  oc config current-context
 
=oc explain pv=
=oc explain pv=
  oc explain pv
  oc explain pv

Revision as of 08:34, 27 September 2022

What does it mean?

crd                   custom resource definitions
cni                   Container Network Interface (OVNKubernetes OpenShiftSDN)				      <
cri                   Container Runtime Interface
csi                   Container Storage Interface
ipi                   Installer-Provisioned Infrastructure
kubelet               Kubelet is the primary "node agent" that runs on each node. Takes a set of PodSpecs (primarily through the apiserver) and ensures the containers described are running and healthy.
oadp                  openshift api data protection
ocp                   OpenShift Container Platform
ocs                   OpenShift Container Storage
ocm                   OpenShift Cluster Manager
odf                   OpenShift Data Foundation
olm                   Operator Lifecycle Manager
pvc                   Persistent volume claim.
pv                    Persistent volume. Persistent storage.
rosa                  Red Hat OpenShift Service on AWS
scc                   security context constraints
upi                   User-Provisioned Infrastructure
uWSGI                 Project aims at developing a full stack for building hosting services.

oc get

Available resources to ask about.

oc api-resources

login

oc login --username developerhttps://openshift:6443

switch user

oc login --username developer

which clusters have you logged into

oc config get-clusters

List projects

oc projects
oc get projects

select project

oc project $project

list pods

oc get pods
oc get pods --all-namespaces
oc get pods -o wide

wide will give you on which node pod is running.

oc get pods -o wide --all-namespaces

Get pods that are not runing.

oc get pods --field-selector status.phase!=Running --all-namespaces

Get pods matching two states

oc get pods --field-selector=status.phase!=Running,spec.restartPolicy=Always

get services

oc get svc

get shell on node

It is possible to debug more then nodes. (deployment, build, or job)

oc debug node/infra-2.ocpdev.lkl.ltkalmar.se

Get working env

chroot /host

get debug information from oc

oc debug --loglevel=10 node/$node

get nodes

oc get nodes
oc get nodes -o jsonpath='{.items[*].metadata.name}'
  1. Get nodes without headears. name, cpu:s, disk size, mem, ip address.
oc get nodes --no-headers --selector="node-role.kubernetes.io/worker" -o=custom-columns='NAME:.metadata.name,CPU:.status.capacity.cpu,DISK:.status.capacity.ephemeral-storage,MEM:.status.capacity.memory,IP:.status.addresses[?(@.type=="InternalIP")].address'

connect to pod

oc rsh $pod bash

when several pods

oc get pod/router-default-6b76b87c6-5m7h6 -n openshift-ingress -o json | jq -r '.spec.containers[].name'
router
logs
[2021-05-17 15:41:51 user@host:~]
oc rsh -c router pod/router-default-6b76b87c6-5m7h6

execute command in pod

oc exec pod/router-default-545ffb97db-4h9rx -- $command

describe pods

oc describe pods
oc describe pod stage-sales-62-qjd

To get (almost) all object with a specific label from the current project, execute:

oc get all -l '<label_name>=<label_value>'

logs

oc logs -f router-default-6b76b87c6-4lc4b logs > /tmp/tmp
oc logs -f --tail=0 router-default-6c666984fd-ct8zf logs
oc logs -f --namespace openshift-gitops deployment/openshift-gitops-server

get config from pod in yaml format

oc get pods router-default-545ffb97db-kgsdb -o yaml

get deployments

oc get deployments --all-namespaces

set environment variable in pod

oc set env dc/your-app-name COLOR=blue

unset environment variable in pod

oc set env dc/your-app-name COLOR-

list environment variables

oc set env pod/router-default-545ffb97db-lj2t5 --list

list templates

oc get templates -n openshift

Custom resource definitions.(crd)

oc get crd

sort

CREATED AT

oc get crd --sort-by=.metadata.creationTimestamp

edit

oc edit deployment.apps/router-default

Watch changes taking place.

watch -n1 oc get all

grant permission to project

oc adm policy add-role-to-user view developer -n mysecrets

crictl

List running containers

crictl ps

List all pods

crictl pods

List all images

crictl images

Execute a command in a running container

crictl exec -it 1f73f2d81bf98 /bin/sh

nsenter

run program in different namespaces

which version

oc version

copy files from pod

Copy session keys locally.

oc rsync caas-2-8s6cl:/tmp/sslkeylog .

tcpdump from nodes

ssh $node
toolbox

oc get route -A

get routing.

oc describe route sales -n hlt-prod

Name:                   sales
Namespace:              hlt-prod
Created:                13 months ago
Labels:                 <none>
Annotations:            haproxy.router.openshift.io/balance=roundrobin
                        haproxy.router.openshift.io/disable_cookies=true
Requested Host:         sales.prod.bobcat.hlt.se
                           exposed on router default (host apps.ocpprod.lkl.ltkalmar.se) 13 months ago
Path:                   <none>
TLS Termination:        edge
Insecure Policy:        <none>
Endpoint Port:          port-8000-tcp

Service:        sales
Weight:         100 (100%)
Endpoints:      10.160.7.166:8000, 10.160.7.167:8000, 10.160.7.168:8000 + 35 more...

oc get pods -o custom-columns=POD:.metadata.name --no-headers --all-namespaces

Only name without headers

get label:s

oc get pods --no-headers --all-namespaces|grep -i running | head -2 | while read  namespace pod blabla ; do echo '***' oc label pod/$pod --list=true -n $namespace ; oc label pod/$pod --list=true -n $namespace ; done

get subscriptions

oc get subscriptions -A

whoami

oc whoami
oc config current-context

oc explain pv

oc explain pv

oc get configmap cluster-monitoring-config

put node offline

Mark a node as unschedulable.

oc adm cordon node1

Drain a node in preparation for maintenance.

oc adm drain <node> --force --delete-emptydir-data --ignore-daemonsets
oc adm drain <node> --ignore-daemonsets --force --grace-period=30 --delete-local-data

Mark node as online.

oc adm uncordon node1

Get pv:s

oc get pv

Get more info about a pv.

oc describe pv $PV

get pvc:s

oc get pvc --all-namespaces | less

kubectl

List contexts

kubectl config get-contexts

Select context

kubectl config use-context default/api-blabla-halfface-se:6443/kube:admin

list groups

oc get groups

scale

oc scale --replicas=2 rc/postgresql-1

top

oc adm top pods --use-protocol-buffers --all-namespaces

oc get crd

Get Custom Resource Definitions.

oc get crd

operators

Automatically setup of a instances.

oc adm upgrade --to-image=

Upgrade to version that you found on github okd

oc adm upgrade

Upgrade okd images.

openshift upgrade path

https://access.redhat.com/labs/ocpupgradegraph/update_path?channel=stable-4.9&arch=x86_64&is_show_hot_fix=false&current_ocp_version=4.9.15&target_ocp_version=4.10.11

helm

List all helm charts in all namespaces

helm list -aA

cronjobs

oc get cj

delete po

stop pod

oc delete po --all --force
oc delete pod openshift-gitops-server --namespace openshift-gitops
oc delete pods -n openshift-oauth-apiserver --all

use other namespace

oc rsh  --namespace namespace-name pod-name
oc rsh --namespace namespace-name-operator pod-name bash -c 'echo $PATH $HOSTNAME'

list namespaces

oc get namespace

use namespace

oc rsh  --namespace openshift-gitops openshift-gitops-application-controller-0

kubectl get netnamespace

Get egress network information about the namespaces

oc get routes

oc get routes --namespace openshift-gitops

oc get oauth

Describe authentication methods.

oc get oauth cluster -o yaml

decode token. base64

https://jwt.io/

view secrets

oc get secret ca-key-pair -o go-template='Template:Range $k,$v := .dataTemplate:"Template:$kTemplate:"\n"Template:$vTemplate:"\n\n"Template:End'