Learn more about OpenShift Container Platform
About OpenShift Kubernetes Engine
Kubernetes overview
Legal notice
OpenShift Container Platform 4.8 release notes
Architecture overview
Product architecture
Installation and update
Control plane architecture
Understanding OpenShift development
Red Hat Enterprise Linux CoreOS
Admission plugins
Installation overview
Selecting an installation method and preparing a cluster
Mirroring images for a disconnected installation
Preparing to install on AWS
Configuring an AWS account
Manually creating IAM
Installing a cluster quickly on AWS
Installing a cluster on AWS with customizations
Installing a cluster on AWS with network customizations
Installing a cluster on AWS in a restricted network
Installing a cluster on AWS into an existing VPC
Installing a private cluster on AWS
Installing a cluster on AWS into a government or secret region
Installing a cluster on AWS using CloudFormation templates
Installing a cluster on AWS in a restricted network with user-provisioned infrastructure
Uninstalling a cluster on AWS
Preparing to install on Azure
Configuring an Azure account
Manually creating IAM
Installing a cluster quickly on Azure
Installing a cluster on Azure with customizations
Installing a cluster on Azure with network customizations
Installing a cluster on Azure into an existing VNet
Installing a private cluster on Azure
Installing a cluster on Azure into a government region
Installing a cluster on Azure using ARM templates
Uninstalling a cluster on Azure
Preparing to install on GCP
Configuring a GCP project
Manually creating IAM
Installing a cluster quickly on GCP
Installing a cluster on GCP with customizations
Installing a cluster on GCP with network customizations
Installing a cluster on GCP in a restricted network
Installing a cluster on GCP into an existing VPC
Installing a private cluster on GCP
Installing a cluster on GCP using Deployment Manager templates
Installing a cluster into a shared VPC on GCP using Deployment Manager templates
Installing a cluster on GCP in a restricted network with user-provisioned infrastructure
Uninstalling a cluster on GCP
Preparing to install on bare metal
Installing a user-provisioned cluster on bare metal
Installing a user-provisioned bare metal cluster with network customizations
Installing a user-provisioned bare metal cluster on a restricted network
Overview
Prerequisites
Setting up the environment for an OpenShift installation
Post-installation configuration
Expanding the cluster
Troubleshooting
Preparing to install with z/VM on IBM Z and LinuxONE
Installing a cluster with z/VM on IBM Z and LinuxONE
Restricted network IBM Z installation with z/VM
Preparing to install with RHEL KVM on IBM Z and LinuxONE
Installing a cluster with RHEL KVM on IBM Z and LinuxONE
Restricted network IBM Z installation with RHEL KVM
Preparing to install on IBM Power Systems
Installing a cluster on IBM Power Systems
Restricted network IBM Power Systems installation
Preparing to install on OpenStack
Installing a cluster on OpenStack with customizations
Installing a cluster on OpenStack with Kuryr
Installing a cluster that supports SR-IOV compute machines on OpenStack
Installing a cluster on OpenStack on your own infrastructure
Installing a cluster on OpenStack with Kuryr on your own infrastructure
Installing a cluster on OpenStack on your own SR-IOV infrastructure
Installing a cluster on OpenStack in a restricted network
Uninstalling a cluster on OpenStack
Uninstalling a cluster on OpenStack from your own infrastructure
Preparing to install on RHV
Installing a cluster quickly on RHV
Installing a cluster on RHV with customizations
Installing a cluster on RHV with user-provisioned infrastructure
Installing a cluster on RHV in a restricted network
Uninstalling a cluster on RHV
Preparing to install on vSphere
Installing a cluster on vSphere
Installing a cluster on vSphere with customizations
Installing a cluster on vSphere with network customizations
Installing a cluster on vSphere with user-provisioned infrastructure
Installing a cluster on vSphere with user-provisioned infrastructure and network customizations
Installing a cluster on vSphere in a restricted network
Installing a cluster on vSphere in a restricted network with user-provisioned infrastructure
Uninstalling a cluster on vSphere that uses installer-provisioned infrastructure
Using the vSphere Problem Detector Operator
Preparing to install on VMC
Installing a cluster on VMC
Installing a cluster on VMC with customizations
Installing a cluster on VMC with network customizations
Installing a cluster on VMC in a restricted network
Installing a cluster on VMC with user-provisioned infrastructure
Installing a cluster on VMC with user-provisioned infrastructure and network customizations
Installing a cluster on VMC in a restricted network with user-provisioned infrastructure
Uninstalling a cluster on VMC
Installing a cluster on any platform
Customizing nodes
Configuring your firewall
Validating an installation
Troubleshooting installation issues
Support for FIPS cryptography
Post-installation configuration overview
Configuring a private cluster
Machine configuration tasks
Cluster tasks
Node tasks
Network configuration
Storage configuration
Preparing for users
Configuring alert notifications
Configuring additional devices in an IBM Z or LinuxONE environment
Understanding OpenShift updates
Updating clusters overview
Understanding upgrade channels
Preparing to perform an EUS-to-EUS update
Updating a cluster using the web console
Updating a cluster using the CLI
Performing update using canary rollout strategy
Updating a cluster that includes RHEL compute machines
About cluster updates in a disconnected environment
Mirroring the OpenShift Container Platform image repository
Updating a cluster in a disconnected environment using OSUS
Updating a cluster in a disconnected environment without OSUS
Support overview
Managing your cluster resources
Getting support
About remote health monitoring
Showing data collected by remote health monitoring
Opting out of remote health reporting
Using Insights to identify issues with your cluster
Using Insights Operator
Using remote health reporting in a restricted network
Gathering data about your cluster
Summarizing cluster specifications
Troubleshooting installations
Verifying node health
Troubleshooting CRI-O container runtime issues
Troubleshooting operating system issues
Troubleshooting network issues
Troubleshooting Operator issues
Investigating pod issues
Troubleshooting the Source-to-Image process
Troubleshooting storage issues
Troubleshooting Windows container workload issues
Investigating monitoring issues
Diagnosing OpenShift CLI (oc) issues
Web console overview
Accessing the web console
Viewing cluster information
Configuring the web console
Customizing the web console
Web terminal
Disabling the web console
Creating quick start tutorials
CLI tools overview
Getting started with the OpenShift CLI
Configuring the OpenShift CLI
Managing CLI profiles
Extending the OpenShift CLI with plugins
OpenShift CLI developer command reference
OpenShift CLI administrator command reference
Usage of oc and kubectl commands
odo release notes
Understanding odo
Installing odo
Configuring the odo CLI
odo CLI reference
Knative CLI (kn) for use with OpenShift Serverless
Installing tkn
Configuring tkn
Basic tkn commands
opm CLI
Installing the Operator SDK CLI
Operator SDK CLI reference
Security and compliance overview
Understanding container security
Understanding host and VM security
Hardening Red Hat Enterprise Linux CoreOS
Container image signatures
Understanding compliance
Securing container content
Using container registries securely
Securing the build process
Deploying containers
Securing the container platform
Securing networks
Securing attached storage
Monitoring cluster events and logs
Replacing the default ingress certificate
Adding API server certificates
Securing service traffic using service serving certificates
Updating the CA bundle
User-provided certificates for the API server
Proxy certificates
Service CA certificates
Node certificates
Bootstrap certificates
etcd certificates
OLM certificates
Aggregated API client certificates
Machine Config Operator certificates
User-provided certificates for default ingress
Ingress certificates
Monitoring and cluster logging Operator component certificates
Control plane certificates
Compliance Operator release notes
Supported compliance profiles
Installing the Compliance Operator
Updating the Compliance Operator
Compliance Operator scans
Understanding the Compliance Operator
Managing the Compliance Operator
Tailoring the Compliance Operator
Retrieving Compliance Operator raw results
Managing Compliance Operator remediation
Performing advanced Compliance Operator tasks
Troubleshooting the Compliance Operator
Uninstalling the Compliance Operator
Using the oc-compliance plugin
Understanding the Custom Resource Definitions
File Integrity Operator release notes
Installing the File Integrity Operator
Updating the File Integrity Operator
Understanding the File Integrity Operator
Configuring the File Integrity Operator
Performing advanced File Integrity Operator tasks
Troubleshooting the File Integrity Operator
Viewing audit logs
Configuring the audit log policy
Configuring TLS security profiles
Configuring seccomp profiles
Allowing JavaScript-based access to the API server from additional hosts
Encrypting etcd data
Scanning pods for vulnerabilities
Authentication and authorization overview
Understanding authentication
Configuring the internal OAuth server
Configuring OAuth clients
Managing user-owned OAuth access tokens
Understanding identity provider configuration
Configuring an htpasswd identity provider
Configuring a Keystone identity provider
Configuring an LDAP identity provider
Configuring a basic authentication identity provider
Configuring a request header identity provider
Configuring a GitHub or GitHub Enterprise identity provider
Configuring a GitLab identity provider
Configuring a Google identity provider
Configuring an OpenID Connect identity provider
Using RBAC to define and apply permissions
Removing the kubeadmin user
Understanding and creating service accounts
Using service accounts in applications
Using a service account as an OAuth client
Scoping tokens
Using bound service account tokens
Managing security context constraints
Impersonating the system:admin user
Syncing LDAP groups
About the Cloud Credential Operator
Using mint mode
Using passthrough mode
Using manual mode
Using manual mode with STS
Understanding networking
Accessing hosts
Networking Operators overview
Understanding the Cluster Network Operator
Understanding the DNS Operator
Understanding the Ingress Operator
Verifying connectivity to an endpoint
Configuring the node port service range
Configuring IP failover
Using SCTP
Configuring PTP hardware
About network policy
Logging network policy
Creating a network policy
Viewing a network policy
Editing a network policy
Deleting a network policy
Defining a default network policy for projects
Configuring multitenant network policy
Understanding multiple networks
Configuring an additional network
About virtual routing and forwarding
Configuring multi-network policy
Attaching a pod to an additional network
Removing a pod from an additional network
Editing an additional network
Removing an additional network
Assigning a secondary network to a VRF
About Single Root I/O Virtualization (SR-IOV) hardware networks
Installing the SR-IOV Operator
Configuring the SR-IOV Operator
Configuring an SR-IOV network device
Configuring an SR-IOV Ethernet network attachment
Configuring an SR-IOV InfiniBand network attachment
Adding a pod to an SR-IOV network
Using high performance multicast
Using DPDK and RDMA
Uninstalling the SR-IOV Operator
About the OpenShift SDN default CNI network provider
Configuring egress IPs for a project
Configuring an egress firewall for a project
Viewing an egress firewall for a project
Editing an egress firewall for a project
Removing an egress firewall from a project
Considerations for the use of an egress router pod
Deploying an egress router pod in redirect mode
Deploying an egress router pod in HTTP proxy mode
Deploying an egress router pod in DNS proxy mode
Configuring an egress router pod destination list from a config map
Enabling multicast for a project
Disabling multicast for a project
Configuring multitenant isolation
Configuring kube-proxy
About the OVN-Kubernetes network provider
Migrating from the OpenShift SDN cluster network provider
Rolling back to the OpenShift SDN cluster network provider
Converting to IPv4/IPv6 dual stack networking
IPsec encryption configuration
Configuring an egress firewall for a project
Viewing an egress firewall for a project
Editing an egress firewall for a project
Removing an egress firewall from a project
Configuring an egress IP address
Assigning an egress IP address
Considerations for the use of an egress router pod
Deploying an egress router pod in redirect mode
Enabling multicast for a project
Disabling multicast for a project
Tracking network flows
Configuring hybrid networking
Route configuration
Secured routes
Overview
Configuring ExternalIPs for services
Configuring ingress cluster traffic using an Ingress Controller
Configuring ingress cluster traffic using a load balancer
Configuring ingress cluster traffic on AWS using a Network Load Balancer
Configuring ingress cluster traffic using a service external IP
Configuring ingress cluster traffic using a NodePort
About the Kubernetes NMState Operator
Observing node network state
Updating node network configuration
Troubleshooting node network configuration
Configuring the cluster-wide proxy
Configuring a custom PKI
Load balancing on OpenStack
Associating secondary interfaces metrics to network attachments
Storage overview
Understanding ephemeral storage
Understanding persistent storage
Persistent storage using AWS Elastic Block Store
Persistent storage using Azure Disk
Persistent storage using Azure File
Persistent storage using Cinder
Persistent storage using Fibre Channel
Persistent storage using FlexVolume
Persistent storage using GCE Persistent Disk
Persistent storage using hostPath
Persistent storage using iSCSI
Persistent storage using local volumes
Persistent storage using NFS
Persistent storage using Red Hat OpenShift Container Storage
Persistent storage using VMware vSphere
Configuring CSI volumes
CSI inline ephemeral volumes
CSI volume snapshots
CSI volume cloning
CSI automatic migration
AWS Elastic Block Store CSI Driver Operator
Azure Disk CSI Driver Operator
GCP PD CSI Driver Operator
OpenStack Cinder CSI Driver Operator
OpenStack Manila CSI Driver Operator
Red Hat Virtualization CSI Driver Operator
VMware vSphere CSI Driver Operator
Expanding persistent volumes
Dynamic provisioning
Registry overview
Image Registry Operator in OpenShift Container Platform
Configuring the registry for AWS user-provisioned infrastructure
Configuring the registry for GCP user-provisioned infrastructure
Configuring the registry for OpenStack user-provisioned infrastructure
Configuring the registry for Azure user-provisioned infrastructure
Configuring the registry for OpenStack
Configuring the registry for bare metal
Configuring the registry for vSphere
Accessing the registry
Exposing the registry
Operators overview
What are Operators?
Packaging formats
Common terms
Concepts and resources
Architecture
Workflow
Dependency resolution
Operator groups
Operator conditions
Metrics
Webhooks
OperatorHub
Red Hat-provided Operator catalogs
Extending the Kubernetes API with CRDs
Managing resources from CRDs
Creating applications from installed Operators
Installing Operators in your namespace
Adding Operators to a cluster
Updating installed Operators
Deleting Operators from a cluster
Configuring proxy support
Viewing Operator status
Managing Operator conditions
Allowing non-cluster administrators to install Operators
Managing custom catalogs
Using OLM on restricted networks
About the Operator SDK
Installing the Operator SDK CLI
Upgrading projects for newer Operator SDK versions
Getting started
Tutorial
Project layout
Getting started
Tutorial
Project layout
Ansible support
Kubernetes Collection for Ansible
Using Ansible inside an Operator
Custom resource status management
Getting started
Tutorial
Project layout
Helm support
Defining cluster service versions (CSVs)
Working with bundle images
Validating Operators using the scorecard
Configuring built-in monitoring with Prometheus
Configuring leader election
Migrating package manifest projects to bundle format
Operator SDK CLI reference
Cluster Operators reference
CI/CD overview
Understanding image builds
Understanding build configurations
Creating build inputs
Managing build output
Using build strategies
Custom image builds with Buildah
Performing basic builds
Triggering and modifying builds
Performing advanced builds
Using Red Hat subscriptions in builds
Securing builds by strategy
Build configuration resources
Troubleshooting builds
Setting up additional trusted certificate authorities for builds
Migrating from Jenkins to Tekton
OpenShift Pipelines release notes
Understanding OpenShift Pipelines
Installing OpenShift Pipelines
Uninstalling OpenShift Pipelines
Creating CI/CD solutions for applications using OpenShift Pipelines
Working with OpenShift Pipelines using the Developer perspective
Reducing resource consumption of OpenShift Pipelines
Using pods in a privileged security context
Securing webhooks with event listeners
Authenticating pipelines using git secret
Viewing pipeline logs using the OpenShift Logging Operator
OpenShift GitOps release notes
Understanding OpenShift GitOps
Installing OpenShift GitOps
Uninstalling OpenShift GitOps
Configuring an OpenShift cluster by deploying an application with cluster configurations
Deploying a Spring Boot application with Argo CD
Configuring SSO for Argo CD using Dex
Configuring SSO for Argo CD using Keycloak
Running Control Plane Workloads on Infra nodes
Sizing requirements for GitOps Operator
Overview of images
Configuring the Cluster Samples Operator
Using the Cluster Samples Operator with an alternate registry
Creating images
Managing images overview
Tagging images
Image pull policy
Using image pull secrets
Managing image streams
Using image streams with Kubernetes resources
Triggering updates on image stream changes
Image configuration resources
Using templates
Using Ruby on Rails
Using images overview
Configuring Jenkins images
Jenkins agent
Source-to-image
Customizing source-to-image images
Building Applications overview
Working with projects
Creating a project as another user
Configuring project creation
Creating applications using the Developer perspective
Creating applications from installed Operators
Creating applications using the CLI
Viewing application composition using the Topology view
Understanding Helm
Installing Helm
Configuring custom Helm chart repositories
Working with Helm releases
Understanding Deployments and DeploymentConfigs
Managing deployment processes
Using deployment strategies
Using route-based deployment strategies
Resource quotas per project
Resource quotas across multiple projects
Using config maps with applications
Monitoring project and application metrics using the Developer perspective
Monitoring application health
Editing applications
Pruning objects to reclaim resources
Idling applications
Deleting applications
Using the Red Hat Marketplace
Overview of machine management
Creating a machine set on AWS
Creating a machine set on Azure
Creating a machine set on GCP
Creating a machine set on OpenStack
Creating a machine set on RHV
Creating a machine set on vSphere
Manually scaling a machine set
Modifying a machine set
Deleting a machine
Applying autoscaling to a cluster
Creating infrastructure machine sets
Adding a RHEL compute machine
Adding more RHEL compute machines
Adding compute machines to user-provisioned infrastructure clusters
Adding compute machines to AWS using CloudFormation templates
Adding compute machines to vSphere
Adding compute machines to bare metal
Deploying machine health checks
Overview of nodes
About pods
Viewing pods
Configuring a cluster for pods
Automatically scaling pods with the horizontal pod autoscaler
Automatically adjust pod resource levels with the vertical pod autoscaler
Providing sensitive data to pods
Creating and using config maps
Using Device Manager to make devices available to nodes
Including pod priority in pod scheduling decisions
Placing pods on specific nodes using node selectors
About pod placement using the scheduler
Configuring the default scheduler to control pod placement
Scheduling pods using a scheduler profile
Placing pods relative to other pods using pod affinity and anti-affinity rules
Controlling pod placement on nodes using node affinity rules
Placing pods onto overcommitted nodes
Controlling pod placement using node taints
Placing pods on specific nodes using node selectors
Controlling pod placement using pod topology spread constraints
Running a custom scheduler
Evicting pods using the descheduler
Running background tasks on nodes automatically with daemonsets
Running tasks in pods using jobs
Viewing and listing the nodes in your cluster
Working with nodes
Managing nodes
Managing the maximum number of pods per node
Using the Node Tuning Operator
Remediating nodes with the Poison Pill Operator
Understanding node rebooting
Freeing node resources using garbage collection
Allocating resources for nodes
Allocating specific CPUs for nodes in a cluster
Configuring the TLS security profile for the kubelet
Machine Config Daemon metrics
Creating infrastructure nodes
Using containers
Using Init Containers to perform tasks before a pod is deployed
Using volumes to persist container data
Mapping volumes using projected volumes
Allowing containers to consume API objects
Copying files to or from a container
Executing remote commands in a container
Using port forwarding to access applications in a container
Using sysctls in containers
Viewing system event information in a cluster
Analyzing cluster resource levels
Setting limit ranges
Configuring cluster memory to meet container memory and risk requirements
Configuring your cluster to place pods on overcommitted nodes
Enabling features using FeatureGates
Using remote worker node at the network edge
Red Hat OpenShift support for Windows Containers overview
Red Hat OpenShift support for Windows Containers release notes
Understanding Windows container workloads
Enabling Windows container workloads
Creating a Windows MachineSet object on AWS
Creating a Windows MachineSet object on Azure
Creating a Windows MachineSet object on vSphere
Scheduling Windows container workloads
Windows node upgrades
Using Bring-Your-Own-Host Windows instances as nodes
Removing Windows nodes
Disabling Windows container workloads
OpenShift sandboxed containers release notes
Understanding OpenShift sandboxed containers
Deploying OpenShift sandboxed containers workloads
Uninstalling OpenShift sandboxed containers workloads
Upgrade OpenShift sandboxed containers
Release notes
About Logging
Installing Logging
About the Cluster Logging custom resource
Configuring the logging collector
Configuring the log store
Configuring the log visualizer
Configuring Logging storage
Configuring CPU and memory limits for Logging components
Using tolerations to control Logging pod placement
Moving the Logging resources with node selectors
Configuring systemd-journald for Logging
Maintenance and support
Viewing logs for a specific resource
Viewing cluster logs in Kibana
Forwarding logs to third party systems
Enabling JSON logging
Collecting and storing Kubernetes events
Updating Logging
Viewing cluster dashboards
Viewing Logging status
Viewing the status of the log store
Understanding Logging alerts
Collecting logging data for Red Hat Support
Troubleshooting for Critical Alerts
Uninstalling Logging
Exported fields
Monitoring overview
Configuring the monitoring stack
Enabling monitoring for user-defined projects
Managing metrics
Managing alerts
Reviewing monitoring dashboards
Accessing third-party UIs
Troubleshooting monitoring issues
About metering
Installing metering
Upgrading metering
About configuring metering
Common configuration options
Configuring persistent storage
Configuring the Hive metastore
Configuring the reporting operator
Configuring AWS billing correlation
About reports
Storage Locations
Using metering
Examples of using metering
Troubleshooting and debugging
Uninstalling metering
Recommended host practices
Recommended host practices for IBM Z & LinuxONE environments
Recommended cluster scaling practices
Using the Node Tuning Operator
Using Cluster Loader
Using CPU Manager
Using Topology Manager
Scaling the Cluster Monitoring Operator
The Node Feature Discovery Operator
The Driver Toolkit
Planning your environment according to object maximums
Optimizing storage
Optimizing routing
Optimizing networking
Managing bare metal hosts
What huge pages do and how they are consumed by apps
Performance Addon Operator for low latency nodes
Performing latency tests for platform verification
Creating a performance profile
Overview of backup and restore operations
Shutting down a cluster gracefully
Restarting a cluster gracefully
OADP features and plugins
About installing OADP
Installing and configuring OADP with AWS
Installing and configuring OADP with Azure
Installing and configuring OADP with GCP
Installing and configuring OADP with MCG
Installing and configuring OADP with OCS
Uninstalling OADP
Backing up applications
Restoring applications
Troubleshooting
Backing up etcd data
Replacing an unhealthy etcd member
About disaster recovery
Restoring to a previous cluster state
Recovering from expired control plane certificates
Migrating from version 3 to 4 overview
About migrating from OpenShift Container Platform 3 to 4
Differences between OpenShift Container Platform 3 and 4
Network considerations
About MTC
Installing MTC
Installing MTC in a restricted network environment
Upgrading MTC
Premigration checklists
Migrating your applications
Advanced migration options
Troubleshooting
About MTC
MTC release notes
Installing MTC
Installing MTC in a restricted network environment
Upgrading MTC
Premigration checklists
Network considerations
Migrating your applications
Advanced migration options
Troubleshooting
Understanding API tiers
API compatibility guidelines
Editing kubelet log level verbosity and gathering logs
API list
Index
About Authorization APIs
LocalResourceAccessReview [authorization.openshift.io/v1]
LocalSubjectAccessReview [authorization.openshift.io/v1]
ResourceAccessReview [authorization.openshift.io/v1]
SelfSubjectRulesReview [authorization.openshift.io/v1]
SubjectAccessReview [authorization.openshift.io/v1]
SubjectRulesReview [authorization.openshift.io/v1]
TokenReview [authentication.k8s.io/v1]
LocalSubjectAccessReview [authorization.k8s.io/v1]
SelfSubjectAccessReview [authorization.k8s.io/v1]
SelfSubjectRulesReview [authorization.k8s.io/v1]
SubjectAccessReview [authorization.k8s.io/v1]
About Autoscale APIs
ClusterAutoscaler [autoscaling.openshift.io/v1]
MachineAutoscaler [autoscaling.openshift.io/v1beta1]
HorizontalPodAutoscaler [autoscaling/v1]
About Config APIs
APIServer [config.openshift.io/v1]
Authentication [config.openshift.io/v1]
Build [config.openshift.io/v1]
ClusterOperator [config.openshift.io/v1]
ClusterVersion [config.openshift.io/v1]
Console [config.openshift.io/v1]
DNS [config.openshift.io/v1]
FeatureGate [config.openshift.io/v1]
HelmChartRepository [helm.openshift.io/v1beta1]
Image [config.openshift.io/v1]
Infrastructure [config.openshift.io/v1]
Ingress [config.openshift.io/v1]
Network [config.openshift.io/v1]
OAuth [config.openshift.io/v1]
OperatorHub [config.openshift.io/v1]
Project [config.openshift.io/v1]
Proxy [config.openshift.io/v1]
Scheduler [config.openshift.io/v1]
About Console APIs
ConsoleCLIDownload [console.openshift.io/v1]
ConsoleExternalLogLink [console.openshift.io/v1]
ConsoleLink [console.openshift.io/v1]
ConsoleNotification [console.openshift.io/v1]
ConsolePlugin [console.openshift.io/v1alpha1]
ConsoleQuickStart [console.openshift.io/v1]
ConsoleYAMLSample [console.openshift.io/v1]
About Extension APIs
APIService [apiregistration.k8s.io/v1]
CustomResourceDefinition [apiextensions.k8s.io/v1]
MutatingWebhookConfiguration [admissionregistration.k8s.io/v1]
ValidatingWebhookConfiguration [admissionregistration.k8s.io/v1]
About Image APIs
Image [image.openshift.io/v1]
ImageSignature [image.openshift.io/v1]
ImageStreamImage [image.openshift.io/v1]
ImageStreamImport [image.openshift.io/v1]
ImageStreamMapping [image.openshift.io/v1]
ImageStream [image.openshift.io/v1]
ImageStreamTag [image.openshift.io/v1]
ImageTag [image.openshift.io/v1]
About Machine APIs
ContainerRuntimeConfig [machineconfiguration.openshift.io/v1]
ControllerConfig [machineconfiguration.openshift.io/v1]
KubeletConfig [machineconfiguration.openshift.io/v1]
MachineConfigPool [machineconfiguration.openshift.io/v1]
MachineConfig [machineconfiguration.openshift.io/v1]
MachineHealthCheck [machine.openshift.io/v1beta1]
Machine [machine.openshift.io/v1beta1]
MachineSet [machine.openshift.io/v1beta1]
About Metadata APIs
APIRequestCount [apiserver.openshift.io/v1]
Binding [core/v1]
ComponentStatus [core/v1]
ConfigMap [core/v1]
ControllerRevision [apps/v1]
Event [events.k8s.io/v1]
Event [core/v1]
Lease [coordination.k8s.io/v1]
Namespace [core/v1]
About Monitoring APIs
Alertmanager [monitoring.coreos.com/v1]
A pod is one or more containers deployed together on one host, and the smallest compute unit that can be defined, deployed, and managed.
Pods are the rough equivalent of a machine instance (physical or virtual) to a container. Each pod is allocated its own internal IP address, therefore owning its entire port space, and containers within pods can share their local storage and networking.
Pods have a lifecycle; they are defined, then they are assigned to run on
a node, then they run until their container(s) exit or they are removed
for some other reason. Pods, depending on policy and exit code, might be
removed after exiting, or can be retained to enable access to
the logs of their containers.
OpenShift Container Platform treats pods as largely immutable; changes cannot be made to
a pod definition while it is running. OpenShift Container Platform implements changes by
terminating an existing pod and recreating it with modified configuration,
base image(s), or both. Pods are also treated as expendable, and do not
maintain state when recreated. Therefore pods should usually be managed by
higher-level controllers, rather than directly by users.
OpenShift Container Platform leverages the Kubernetes concept of a pod, which is one or more containers deployed together on one host, and the smallest compute unit that can be defined, deployed, and managed.
The following is an example definition of a pod from a Rails application. It demonstrates many features of pods, most of which are discussed in other topics and thus only briefly mentioned here:
Pod object definition (YAML)
kind: Pod
apiVersion: v1
metadata:
  name: example
  namespace: default
  selfLink: /api/v1/namespaces/default/pods/example
  uid: 5cc30063-0265780783bc
  resourceVersion: '165032'
  creationTimestamp: '2019-02-13T20:31:37Z'
  labels:
    app: hello-openshift  # (1)
  annotations:
    openshift.io/scc: anyuid
spec:
  restartPolicy: Always  # (2)
  serviceAccountName: default
  imagePullSecrets:
    - name: default-dockercfg-5zrhb
  priority: 0
  schedulerName: default-scheduler
  terminationGracePeriodSeconds: 30
  nodeName: ip-10-0-140-16.us-east-2.compute.internal
  securityContext:  # (3)
    seLinuxOptions:
      level: 's0:c11,c10'
  containers:  # (4)
    - resources: {}
      terminationMessagePath: /dev/termination-log
      name: hello-openshift
      securityContext:
        capabilities:
          drop:
            - MKNOD
        procMount: Default
      ports:
        - containerPort: 8080
          protocol: TCP
      imagePullPolicy: Always
      volumeMounts:  # (5)
        - name: default-token-wbqsl
          readOnly: true
          mountPath: /var/run/secrets/kubernetes.io/serviceaccount  # (6)
      terminationMessagePolicy: File
      image: registry.redhat.io/openshift4/ose-ogging-eventrouter:v4.3  # (7)
  serviceAccount: default  # (8)
  volumes:  # (9)
    - name: default-token-wbqsl
      secret:
        secretName: default-token-wbqsl
        defaultMode: 420
  dnsPolicy: ClusterFirst
status:
  phase: Pending
  conditions:
    - type: Initialized
      status: 'True'
      lastProbeTime: null
      lastTransitionTime: '2019-02-13T20:31:37Z'
    - type: Ready
      status: 'False'
      lastProbeTime: null
      lastTransitionTime: '2019-02-13T20:31:37Z'
      reason: ContainersNotReady
      message: 'containers with unready status: [hello-openshift]'
    - type: ContainersReady
      status: 'False'
      lastProbeTime: null
      lastTransitionTime: '2019-02-13T20:31:37Z'
      reason: ContainersNotReady
      message: 'containers with unready status: [hello-openshift]'
    - type: PodScheduled
      status: 'True'
      lastProbeTime: null
      lastTransitionTime: '2019-02-13T20:31:37Z'
  hostIP: 10.0.140.16
  startTime: '2019-02-13T20:31:37Z'
  containerStatuses:
    - name: hello-openshift
      state:
        waiting:
          reason: ContainerCreating
      lastState: {}
      ready: false
      restartCount: 0
      image: openshift/hello-openshift
      imageID: ''
  qosClass: BestEffort
(1) Pods can be "tagged" with one or more labels, which can then be used to select and manage groups of pods in a single operation. The labels are stored in key/value format in the metadata hash.
(2) The pod restart policy with possible values Always, OnFailure, and Never. The default value is Always.
(3) OpenShift Container Platform defines a security context for containers which specifies whether they are allowed to run as privileged containers, run as a user of their choice, and more. The default context is very restrictive but administrators can modify this as needed.
(4) containers specifies an array of one or more container definitions.
(5) The container specifies where external storage volumes are mounted within the container. In this case, there is a volume for storing access to credentials the registry needs for making requests against the OpenShift Container Platform API.
(6) Specify the volumes to provide for the pod. Volumes mount at the specified path. Do not mount to the container root, /, or any path that is the same in the host and the container. Doing so can corrupt your host system, for example the host /dev/pts files, if the container is sufficiently privileged. It is safe to mount the host by using /host.
(7) Each container in the pod is instantiated from its own container image.
(8) Pods making requests against the OpenShift Container Platform API is a common enough pattern that there is a serviceAccount field for specifying which service account user the pod should authenticate as when making the requests. This enables fine-grained access control for custom infrastructure components.
(9) The pod defines storage volumes that are available to its container(s) to use. In this case, it provides an ephemeral volume for a secret volume containing the default service account tokens.
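The volume mount guidance above (do not mount to the container root, or to a path that is the same in the host and the container; mounting the host under /host is safe) can be checked before a pod is admitted. The following Python check is an added example, not part of the original documentation or of OpenShift itself. POD is constructed sample data, and the node-agent and sidecar containers, the function names and the severity labels are assumptions for illustration.

```python
# Added example: flags the mounts the callout warns about. POD is constructed
# sample data; node-agent, sidecar and audit_mounts are hypothetical names.

def norm_path(path):
    """Collapse repeated and trailing slashes so '/dev/pts/' equals '/dev/pts'."""
    return "/" + "/".join(part for part in path.split("/") if part)


def audit_mounts(pod):
    """Return (container, severity, message) tuples for risky volume mounts."""
    spec = pod.get("spec", {})
    # Volumes backed by the node's filesystem, keyed by volume name.
    host_paths = {
        v["name"]: norm_path(v["hostPath"]["path"])
        for v in spec.get("volumes", [])
        if "hostPath" in v
    }
    findings = []
    for c in spec.get("containers", []):
        privileged = bool(c.get("securityContext", {}).get("privileged"))
        # Host corruption needs a sufficiently privileged container, so rank on it.
        severity = "high" if privileged else "warn"
        for m in c.get("volumeMounts", []):
            target = norm_path(m["mountPath"])
            source = host_paths.get(m["name"])  # None for secret, emptyDir, etc.
            if target == "/":
                findings.append((c["name"], severity, "volume mounted at container root /"))
            elif source == target:
                findings.append((c["name"], severity, f"host path {source} mounted at the same path"))
    return findings


POD = {
    "kind": "Pod",
    "spec": {
        "volumes": [
            {"name": "default-token-wbqsl", "secret": {"secretName": "default-token-wbqsl"}},
            {"name": "pts", "hostPath": {"path": "/dev/pts"}},
            {"name": "host-root", "hostPath": {"path": "/"}},
            {"name": "scratch", "emptyDir": {}},
        ],
        "containers": [
            {"name": "hello-openshift", "volumeMounts": [
                {"name": "default-token-wbqsl", "readOnly": True,
                 "mountPath": "/var/run/secrets/kubernetes.io/serviceaccount"}]},
            {"name": "node-agent", "securityContext": {"privileged": True}, "volumeMounts": [
                {"name": "pts", "mountPath": "/dev/pts/"},      # same path on host: flagged
                {"name": "host-root", "mountPath": "/host"}]},  # host under /host: allowed
            {"name": "sidecar", "volumeMounts": [
                {"name": "scratch", "mountPath": "/"}]},        # container root: flagged
        ],
    },
}

if __name__ == "__main__":
    for finding in audit_mounts(POD):
        print(*finding, sep=": ")
```

The service account token mount from the pod definition above passes the check, because it is a secret volume mounted at its own path rather than a host path.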
If you attach persistent volumes that have high file counts to pods, those pods can fail or can take a long time to start. For more information, see "When using Persistent Volumes with high file counts in OpenShift, why do pods fail to start or take an excessive amount of time to achieve "Ready" state?".