OpenShift
OpenShift is a computer software product from Red Hat for container-based software deployment and management. It is a supported distribution of Kubernetes using Docker containers and DevOps tools for accelerated application development.
In the world of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), OpenShift is Red Hat's PaaS.
Different flavours of OpenShift:
- OpenShift Origin
- Open source application container platform
- OpenShift Online
- Public Application Development hosting service
- OpenShift Dedicated
- Managed private cluster on AWS/Google Clouds
- OpenShift Enterprise
- On-premise private PaaS
This article will mainly discuss OpenShift Origin.
OpenShift Origin is based on top of Docker containers and the Kubernetes cluster manager, with added developer and operational-centric tools that enable rapid application development, deployment, and lifecycle management.
- OpenShift Tools:
- Source Code Management (SCM) -> git
- Pipelines (CI/CD)
- Container Registry (OCR), for Docker images
- Software Defined Networking (SDN)
- API
- etcd (stores the state of the various OpenShift components)
- Governance (managing teams and users to provide access to applications and services)
- Three ways to interact with OpenShift:
- Web console (default port: 8443)
- CLI (OpenShift Client,
oc) - REST API
Minishift
Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift cluster inside a virtual machine. With Minishift you can try out OpenShift or develop with it, day-to-day, on your local machine.
- Start up a single node OpenShift "cluster":
$ minishift start --vm-driver virtualbox
- Install and configure
oc:
$ minishift oc-env $ export PATH="/home/champ/.minishift/cache/oc/v3.9.0/linux:$PATH" $ eval $(minishift oc-env)
- Add ability to login as Admin:
$ minishift addon apply admin-user $ oc login -u admin # password = admin
- Get token for API (valid for 24 hours):
$ TOKEN=$(oc whoami -t) # E.g., ZndWHOAc7SfJspq3-CwBsb1Wxn7R3zqt9gI2RsABt6M
- Get a list of OpenShift users:
$ curl -kH "Authorization: Bearer ${TOKEN}" https://192.168.99.101:8443/oapi/v1/users
{
"kind": "UserList",
"apiVersion": "v1",
"metadata": {
"selfLink": "/oapi/v1/users",
"resourceVersion": "9069"
},
"items": [
{
"metadata": {
"name": "admin",
"selfLink": "/oapi/v1/users/admin",
"uid": "270ab9d2-6f44-11e8-bb58-527977685b9f",
"resourceVersion": "8551",
"creationTimestamp": "2018-06-13T19:58:33Z"
},
"fullName": "admin",
"identities": [
"anypassword:admin"
],
"groups": null
},
{
"metadata": {
"name": "developer",
"selfLink": "/oapi/v1/users/developer",
"uid": "f3ed520b-6f37-11e8-bb58-527977685b9f",
"resourceVersion": "1083",
"creationTimestamp": "2018-06-13T18:31:14Z"
},
"identities": [
"anypassword:developer"
],
"groups": null
}
]
}
OpenShift Client
- REST API:
$ oc login -u developer -p developer
Login successful. You have one project on this server: "myproject" Using project "myproject".
$ TOKEN=$(oc whoami -t)
$ curl -kH "Authorization: Bearer ${TOKEN}" https://192.168.99.101:8443/oapi/v1/projects
{
"kind": "ProjectList",
"apiVersion": "v1",
"metadata": {
"selfLink": "/oapi/v1/projects"
},
"items": [
{
"metadata": {
"name": "myproject",
"selfLink": "/oapi/v1/projects/myproject",
"uid": "f3f818ed-6f37-11e8-bb58-527977685b9f",
"resourceVersion": "1090",
"creationTimestamp": "2018-06-13T18:31:14Z",
"annotations": {
"openshift.io/description": "Initial developer project",
"openshift.io/display-name": "My Project",
"openshift.io/requester": "developer",
"openshift.io/sa.scc.mcs": "s0:c8,c7",
"openshift.io/sa.scc.supplemental-groups": "1000070000/10000",
"openshift.io/sa.scc.uid-range": "1000070000/10000"
}
},
"spec": {
"finalizers": [
"openshift.io/origin",
"kubernetes"
]
},
"status": {
"phase": "Active"
}
}
]
}
