Scribd
Upload
9 views4 pages

Official Doc Is Available At: Kubeadmin Password Is Present Here: /home/opsadm/kubeadminpassword/ Ldap

The document outlines various tasks related to configuring OpenShift, including creating secrets and config maps for LDAP, deploying applications using Ansible playbooks, configuring alert managers, and setting up cron jobs. It also details NTP configuration, operator installation, persistent storage setup, pod scheduling, and OpenShift logging installation. Reference links to relevant courses and documentation are provided for further guidance.

Uploaded by

jyash317
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views4 pages

Official Doc Is Available At: Kubeadmin Password Is Present Here: /home/opsadm/kubeadminpassword/ Ldap

The document outlines various tasks related to configuring OpenShift, including creating secrets and config maps for LDAP, deploying applications using Ansible playbooks, configuring alert managers, and setting up cron jobs. It also details NTP configuration, operator installation, persistent storage setup, pod scheduling, and OpenShift logging installation. Reference links to relevant courses and documentation are provided for further guidance.

Uploaded by

jyash317
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Official Doc is available at: here

Kubeadmin password is present here: /home/opsadm/kubeadminpassword/

LDAP:

- create secret - ‘idm-secret’


- create a config-map - ‘idm-ca-configmap’ [ca-crt file is present at
http://idm.ocp4.example.com/ipa/config/ca.crt ]
- change yaml given in question bindDN and other details given in question itself.

Question similar as role guided exercise 5.2

role practice link:


https://role.rhu.redhat.com/rol-rhu/app/courses/do380-4.10/pages/ch05s01
https://role.rhu.redhat.com/rol-rhu/app/courses/do380-4.10/pages/ch05s02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- $ oc create secret generic ldap-secret
--from-literal=bindPassword=<secret> -n openshift-config

- $ wget -c -nv http://idm.ocp4.example.com/ipa/config/ca.crt


- $ oc create configmap ca-config-map --from-file=ca.crt=/path/to/ca -n openshift-config

- Edit yaml
- bindDN: ""
bindPassword:
name: ldap-secret
ca:
name: ca-config-map
insecure: false
url: "ldaps://ldaps.example.com/ou=users,dc=acme,dc=com?uid"

DEPLOY APPlCATION USING ANSIBLE PLAYBOOKS:

- There will be a ansible playbook file and all kubernetes resources, rest all will be
utilized by this playbook.

- playbook have minor errors (indentation)we need to change and can be checked
by –syntax-check command → $ ansible-playbook –syntax-check file_name

- It will complain 3 changes


K8s indentation (add 2 spaces before k8s)
K8s_infor error(remove r here)
One more[in namespace section of playbook]
- Run ansible-playbook file_name after changes are done in ansible playbook
- No ideas of extra yaml files [not able to complete the whole question]

Configure Alert-manager:

- Same procedure have to follow as given in role: Sending Alerts to Email


- Role reference:
https://role.rhu.redhat.com/rol-rhu/app/courses/do380-4.10/pages/ch09s03

Migrate Application:

Configure a Cronjob:

- Create project
- Create sa
- The Job should be executed at 4.05 every 2nd day of the month.
- successfullJobHIstoryLimit should be 14

- $ oc create cronjob <name> --image=perl --schedule='5 4 2 * *'


- Change yaml [attach service account and change value for
successfullJobHistory limit ]

542** → At 04:05 AM, on day 2 of the month

NTP Configuration:

- In product document search for [i] day-2 then [ii] post-machine-configurations taks
[iii] search for butane
[iv] apply same procedure as given in doc

NOTE: entries inside inline section like pool is already given in yaml chrony.conf
provided in question.

REFERENCE LINKS:
================
https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10?overr
idden_route_name=red_hat_documentation.product_page&base_route_name=red_hat_
documentation.product_page&page_manager_page=product_page&page_manager_pa
ge_variant=product_page-panels_variant-0&page_manager_page_variant_weight=0

https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/
post-installation_configuration/post-install-machine-configuration-tasks

pool 2.rhel.pool.ntp.org iburst


driftfile /var/lib/chrony/drift
makestep 1.0 3 THIS POOL DETAILS GIVEN IN QUESTION
rtcsync
keyfile /etc/chrony.keys
leapsectz right/UTC
logdir /var/log/chrony

Install an Operator:

- Use console → operator hub → install the asked operator[file-integrity-operator]


- Imp: we need to check the monitoring mark down there.

Configure an application to use persistent storage:

- Create PV [make it from console]


- details are given in question
- storage class path and server info from $ oc get sc nfs -o yaml

- Create PVC
- Create deployment by using image given in question
- Mount path given in question
- Then attach pvc to deployment by using $ oc set volume deployment –help
~~~
$ oc create deployment my-dep --image=nginx --replicas=3
$ oc get all
$ oc set volume deployment –help
$ oc expose deployment D_name --port=8080
$ oc create route edge --service=S_name –hostname=lambda.apps.example.com
~~~

For Practice: https://role.rhu.redhat.com/rol-rhu/app/courses/do380-4.10/pages/ch08s06


Pod scheduling:

- Enable kubelet and crio → node status will be ready,schedulingDisabled


- Then Uncordon the node
- Inside deployment check:
~~~
nodeSelector:
region: redhat-na
~~~
- Pod should be run on worker 2 hence label the node:
$ oc label nodes/worker2.lab.example.com region=redhat-na

- Increase the memory limit to 200Mi in deployment.

Install OpenShift Logging:

- Install 2 operators in told namespaces. (elastic search, cluster logging )


- Then do changes in clusterlogging.yaml file as given in role

Role exercise:

https://role.rhu.redhat.com/rol-rhu/app/courses/do380-4.10/pages/ch10s02 –

You might also like