DEV Community

loading...
Cover image for How to manage Users & Project in Openshift?

How to manage Users & Project in Openshift?

sagarjadhv23 profile image Sagar Jadhav Originally published at developersthought.in Updated on ・1 min read

Objective

  • Create project my-project
  • Create 2 Users project-admin & project-developer
  • Assign admin role to user project-admin in project my-project
  • Assign developer role to user project-developer in project my-project

Step 1: Set up OpenShift environment

Go to Katacoda.com & click on start scenario

Step 2: Set up utility

Install httpd tools

yum install httpd-tools
Enter fullscreen mode Exit fullscreen mode

Create file to store user & password

touch passwordfile 
Enter fullscreen mode Exit fullscreen mode

Step 3: List projects

oc projects
Enter fullscreen mode Exit fullscreen mode

Step 4: Create project

oc new-project my-project
Enter fullscreen mode Exit fullscreen mode

Step 5: Create users

oc create user project-admin
Enter fullscreen mode Exit fullscreen mode
htpasswd -b passwordfile project-admin pwd
Enter fullscreen mode Exit fullscreen mode
oc create user project-developer
Enter fullscreen mode Exit fullscreen mode
htpasswd -b passwordfile project-developer pwd
Enter fullscreen mode Exit fullscreen mode

Step 6: Add admin role to user

oc policy add-role-to-user admin project-admin
Enter fullscreen mode Exit fullscreen mode

Step 7: Add developer role to user

oc login -u project-admin -p pwd <SERVER_URL>
Enter fullscreen mode Exit fullscreen mode
oc policy add-role-to-user edit project-developer
Enter fullscreen mode Exit fullscreen mode

Step 8: List role bindings

oc get rolebindings
Enter fullscreen mode Exit fullscreen mode

Step 9: Deploy application

oc login -u project-developer -p pwd <SERVER_URL>
Enter fullscreen mode Exit fullscreen mode
oc new-app --name nginx -l app=demo --docker-image nginx:latest
Enter fullscreen mode Exit fullscreen mode

Step 10: List pods

oc get pods
Enter fullscreen mode Exit fullscreen mode

Step 11: View application logs

oc logs <POD_NAME>
Enter fullscreen mode Exit fullscreen mode

Step 12: Create service account

oc create sa useroot
Enter fullscreen mode Exit fullscreen mode

Step 13: Add scc anyuid to service account

 oc adm policy add-scc-to-user anyuid -z useroot --as system:admin
Enter fullscreen mode Exit fullscreen mode

Step 14: Patch DC with service account

 oc get dc
Enter fullscreen mode Exit fullscreen mode
oc patch dc/nginx --patch \
'{"spec":{"template":{"spec":{"serviceAccountName": "useroot"}}}}'
Enter fullscreen mode Exit fullscreen mode
oc get pods --watch
Enter fullscreen mode Exit fullscreen mode

Step 15: Browse application

oc get pods -o wide
Enter fullscreen mode Exit fullscreen mode
curl http://<POD_IP>:80
Enter fullscreen mode Exit fullscreen mode

Discussion (0)

pic
Editor guide