You are viewing documentation for a release that is no longer maintained.
To view the documentation for the most recent version, see the
latest OKD docs
.
Documentation
OKD
latest
4.17
4.16
4.15
4.14
4.13
4.12
4.11
4.10
4.9
4.8
4.7
4.6
3.11
3.10
3.9
3.7
3.6
Configuring Clusters
Overview
About
Welcome
What's New?
Overview
Applications
Cartridges Versus Images
Terminology
Getting Started
Overview
Web Console Walkthrough
Command-Line Walkthrough
Setting Up a Cluster
Architecture
Overview
Infrastructure Components
Kubernetes Infrastructure
Container Registry
Web Console
Core Concepts
Overview
Containers and Images
Pods and Services
Projects and Users
Builds and Image Streams
Deployments
Additional Concepts
Authentication
Authorization
Persistent Storage
Ephemeral Storage
Source Control Management
Admission Controllers
Custom Admission Controllers
Other API Objects
Networking
Networking
OpenShift SDN
Available SDN plug-ins
Available router plug-ins
Port Forwarding
Remote Commands
Routes
Service Catalog Components
Service Catalog
Service Catalog CLI
Template Service Broker
OpenShift Ansible Broker
AWS Service Broker
Container Security Guide
Introduction
Container Hosts and Multi-tenancy
Container Content
Registries
Build Process
Deployment
Securing the Container Platform
Network Security
Attached Storage
Monitoring Events and Logs
Installing Clusters
Planning your installation
System and environment requirements
Preparing your hosts
Configuring Your Inventory File
Example Inventory Files
Installing OpenShift
Installing a stand-alone deployment of OpenShift container image registry
Uninstalling OpenShift
Upgrading Clusters
Upgrade methods and strategies
In-place upgrades
Blue-green upgrades
Updating operating systems
Configuring Clusters
Overview
Setting up the Registry
Internal Registry Overview
Deploying a Registry on Existing Clusters
Accessing the Registry
Securing and Exposing the Registry
Extended Registry Configuration
Known Issues
Setting up a Router
Router Overview
Using the Default HAProxy Router
Deploying a Customized HAProxy Router
Configuring the HAProxy Router to Use the PROXY Protocol
Deploying Red Hat CloudForms
Introduction
Requirements
Configuring Role Variables
Running the Installer
Enabling Container Provider Integration
Uninstalling
Prometheus Cluster Monitoring
Accessing and Configuring the Red Hat Registry
Master and Node Configuration
OpenShift Ansible Broker Configuration
Adding Hosts to an Existing Cluster
Loading the Default Image Streams and Templates
Configuring Custom Certificates
Redeploying Certificates
Configuring Authentication and User Agent
Syncing groups with LDAP
Configuring LDAP failover
Configuring the SDN
Configuring Nuage SDN
Configuring NSX-T SDN
Configuring Kuryr SDN
Configuring for AWS
Configuring for Red Hat Virtualization
Configuring for OpenStack
Configuring for Google Compute Engine
Configuring for Azure
Configuring for VMware vSphere
Configuring Local Volumes
Configuring Persistent Storage
Overview
Using NFS
Using GlusterFS
Using OpenStack Cinder
Using Ceph RBD
Using AWS Elastic Block Store
Using GCE Persistent Disk
Using iSCSI
Using Fibre Channel
Using Azure Disk
Using Azure File
Using FlexVolume
Using VMware vSphere volumes for persistent storage
Using Local Volume
Using Container Storage Interface (CSI)
Using OpenStack Manila shares
Dynamic Provisioning and Creating Storage Classes
Volume Security
Selector-Label Volume Binding
Enabling Controller-managed Attachment and Detachment
Persistent Volume Snapshots
Using hostPath
Persistent Storage Examples
Overview
Sharing an NFS PV Across Two Pods
Using Ceph RBD for Persistent Storage
Using Ceph RBD for dynamic provisioning
Complete Example Using GlusterFS
Complete Example Using GlusterFS for Dynamic Provisioning
Mounting Volumes To Privileged Pods
Mount Propagation
Switching an Integrated OpenShift Container Registry to GlusterFS
Binding Persistent Volumes by Label
Using StorageClasses for Dynamic Provisioning
Using StorageClasses for Existing Legacy Storage
Configuring Azure Blob Storage for Integrated Container Image Registry
Configuring Ephemeral Storage
Working with HTTP Proxies
Configuring Global Build Defaults and Overrides
Configuring Pipeline Execution
Configuring Route Timeouts
Configuring Native Container Routing
Routing from Edge Load Balancers
Aggregating Container Logs
Aggregate Logging Sizing Guidelines
Enabling Cluster Metrics
Customizing the Web Console
Deploying External Persistent Volume Provisioners
Installing the Operator Framework (Technology Preview)
Uninstalling Operator Lifecycle Manager
Day Two Operations Guide
Overview
Run-once tasks
Environment health checks
Creating an environment-wide backup
Host-level tasks
Project-level tasks
Docker tasks
Managing Certificates
Cluster Administration
Overview
Managing Nodes
Restoring your cluster
Replacing a master host
Managing Users
Managing Projects
Managing Pods
Managing Networking
Configuring Service Accounts
Managing Role-based Access Control
Image Policy
Image Signatures
Scoped Tokens
Monitoring Images
Managing Security Context Constraints
Scheduling
Overview
Default Scheduling
Descheduling
Custom Scheduling
Controlling Pod Placement
Pod Priority and Preemption
Advanced Scheduling
Advanced Scheduling and Node Affinity
Advanced Scheduling and Pod Affinity/Anti-affinity
Advanced Scheduling and Node Selectors
Advanced Scheduling and Taints and Tolerations
Setting Quotas
Setting Multi-Project Quotas
Pruning objects
Extending the Kubernetes API with Custom Resources
Garbage Collection
Allocating Node Resources
Overcommitting
Out of Resource Handling
Setting Limit Ranges
Node Problem Detector
Assigning Unique External IPs for Ingress Traffic
Monitoring and Debugging Routers
High Availability
IPtables
Securing Builds by Strategy
Restricting Application Capabilities Using Seccomp
Sysctls
Encrypting Data at Datastore Layer
Encrypting traffic between nodes with IPsec
Building Dependency Trees
Replacing a failed etcd member
Restoring etcd quorum
Troubleshooting Networking
Diagnostics Tool
Idling Applications
Analyzing Cluster Capacity
Configuring the cluster auto-scaler in AWS
Disabling Features using Feature Gates
Kuryr SDN Administration
Scaling and Performance Guide
Overview
Recommended Installation Practices
Recommended Host Practices
Optimizing Compute Resources
Optimizing Persistent Storage
Optimizing Ephemeral Storage
Network Optimization
Routing Optimization
Scaling Cluster Metrics
Scaling Cluster Monitoring
Tested Maximums per Cluster
Using Cluster Loader
Using CPU Manager
Managing Huge Pages
Optimizing On GlusterFS Storage
Developer Guide
Overview
Application Life Cycle Management
Planning Your Development Process
Creating New Applications
Promoting Applications Across Environments
Authentication
Authorization
Projects
Migrating Applications
Overview
Database Applications
Web Framework Applications
QuickStart Examples
Continuous Integration and Deployment
Webhooks and Action Hooks
S2I Tool
Support Guide
Tutorials
Overview
Quickstart Templates
Ruby on Rails
Setting Up a Nexus Mirror
OpenShift Pipeline Builds
Binary Builds
Builds
How Builds Work
Basic Build Operations
Build Inputs
Build Output
Build Strategy Options
Build Environment
Triggering Builds
Build Hooks
Build Run Policy
Advanced Build Operations
Troubleshooting
Deployments
How Deployments Work
Basic Deployment Operations
Deployment Strategies
Advanced Deployment Strategies
Kubernetes Deployments Support
Templates
Opening a Remote Shell to Containers
Service Accounts
Managing Images
Quotas and Limit Ranges
Getting Traffic into a Cluster
Overview
Using a Router
Using a Load Balancer
Using a Service ExternalIP
Using a NodePort
Routes
Integrating External Services
Using Device Manager
Using Device Plug-ins
Secrets
ConfigMaps
Downward API
Projected Volumes
Using Daemonsets
Pod Autoscaling
Managing Volumes
Using Persistent Volumes
Expanding Persistent Volumes
Executing Remote Commands
Copying Files
Port Forwarding
Shared Memory
Application Health
Events
Managing Environment Variables
Jobs
OpenShift Pipeline
Cron Jobs
Create from URL
Creating an object from a custom resource definition
Application memory sizing
Creating Images
Overview
Guidelines
Image Metadata
S2I Requirements
Testing S2I Images
Custom Builder
Using Images
Overview
Source-to-Image (S2I)
Overview
Java
Node.js
Perl
PHP
Python
Ruby
Customizing S2I Images
Database Images
Overview
MySQL
PostgreSQL
MongoDB
MariaDB
Other Images
Overview
Jenkins
Jenkins Slaves
Other Container Images
CLI Reference
Overview
Get Started with the CLI
Managing CLI Profiles
Developer CLI Operations
Administrator CLI Operations
Differences Between oc and kubectl
Extending the CLI
Ansible Playbook Bundle Development Guide
Introduction
CLI Tooling
Writing APBs
Getting Started
Reference
Operators
Getting started with the Operator SDK
API reference
API list
Common object reference
Index
core
About core
Binding [core/v1]
ComponentStatus [core/v1]
ConfigMap [core/v1]
Endpoints [core/v1]
Event [core/v1]
LimitRange [core/v1]
Namespace [core/v1]
Node [core/v1]
PersistentVolumeClaim [core/v1]
PersistentVolume [core/v1]
Pod [core/v1]
PodTemplate [core/v1]
ReplicationController [core/v1]
ResourceQuota [core/v1]
Secret [core/v1]
ServiceAccount [core/v1]
Service [core/v1]
admissionregistration.k8s.io
About admissionregistration.k8s.io
MutatingWebhookConfiguration [admissionregistration.k8s.io/v1beta1]
ValidatingWebhookConfiguration [admissionregistration.k8s.io/v1beta1]
apiregistration.k8s.io
About apiregistration.k8s.io
APIService [apiregistration.k8s.io/v1]
apps
About apps
ControllerRevision [apps/v1]
DaemonSet [apps/v1]
Deployment [apps/v1]
ReplicaSet [apps/v1]
StatefulSet [apps/v1]
apps.openshift.io
About apps.openshift.io
DeploymentConfig [apps.openshift.io/v1]
authentication.k8s.io
About authentication.k8s.io
TokenReview [authentication.k8s.io/v1]
authorization.k8s.io
About authorization.k8s.io
LocalSubjectAccessReview [authorization.k8s.io/v1]
SelfSubjectAccessReview [authorization.k8s.io/v1]
SelfSubjectRulesReview [authorization.k8s.io/v1]
SubjectAccessReview [authorization.k8s.io/v1]
authorization.openshift.io
About authorization.openshift.io
ClusterRoleBinding [authorization.openshift.io/v1]
ClusterRole [authorization.openshift.io/v1]
LocalResourceAccessReview [authorization.openshift.io/v1]
LocalSubjectAccessReview [authorization.openshift.io/v1]
ResourceAccessReview [authorization.openshift.io/v1]
RoleBindingRestriction [authorization.openshift.io/v1]
RoleBinding [authorization.openshift.io/v1]
Role [authorization.openshift.io/v1]
SelfSubjectRulesReview [authorization.openshift.io/v1]
SubjectAccessReview [authorization.openshift.io/v1]
SubjectRulesReview [authorization.openshift.io/v1]
autoscaling
About autoscaling
HorizontalPodAutoscaler [autoscaling/v1]
batch
About batch
CronJob [batch/v1beta1]
Job [batch/v1]
build.openshift.io
About build.openshift.io
BuildConfig [build.openshift.io/v1]
Build [build.openshift.io/v1]
certificates.k8s.io
About certificates.k8s.io
CertificateSigningRequest [certificates.k8s.io/v1beta1]
events.k8s.io
About events.k8s.io
Event [events.k8s.io/v1beta1]
image.openshift.io
About image.openshift.io
Image [image.openshift.io/v1]
ImageSignature [image.openshift.io/v1]
ImageStreamImage [image.openshift.io/v1]
ImageStreamImport [image.openshift.io/v1]
ImageStreamMapping [image.openshift.io/v1]
ImageStream [image.openshift.io/v1]
ImageStreamTag [image.openshift.io/v1]
network.openshift.io
About network.openshift.io
ClusterNetwork [network.openshift.io/v1]
EgressNetworkPolicy [network.openshift.io/v1]
HostSubnet [network.openshift.io/v1]
NetNamespace [network.openshift.io/v1]
networking.k8s.io
About networking.k8s.io
NetworkPolicy [networking.k8s.io/v1]
oauth.openshift.io
About oauth.openshift.io
OAuthAccessToken [oauth.openshift.io/v1]
OAuthAuthorizeToken [oauth.openshift.io/v1]
OAuthClientAuthorization [oauth.openshift.io/v1]
OAuthClient [oauth.openshift.io/v1]
policy
About policy
PodDisruptionBudget [policy/v1beta1]
PodSecurityPolicy [policy/v1beta1]
project.openshift.io
About project.openshift.io
ProjectRequest [project.openshift.io/v1]
Project [project.openshift.io/v1]
quota.openshift.io
About quota.openshift.io
AppliedClusterResourceQuota [quota.openshift.io/v1]
ClusterResourceQuota [quota.openshift.io/v1]
rbac.authorization.k8s.io
About rbac.authorization.k8s.io
ClusterRoleBinding [rbac.authorization.k8s.io/v1]
ClusterRole [rbac.authorization.k8s.io/v1]
RoleBinding [rbac.authorization.k8s.io/v1]
Role [rbac.authorization.k8s.io/v1]
route.openshift.io
About route.openshift.io
Route [route.openshift.io/v1]
scheduling.k8s.io
About scheduling.k8s.io
PriorityClass [scheduling.k8s.io/v1beta1]
security.openshift.io
About security.openshift.io
PodSecurityPolicyReview [security.openshift.io/v1]
PodSecurityPolicySelfSubjectReview [security.openshift.io/v1]
PodSecurityPolicySubjectReview [security.openshift.io/v1]
RangeAllocation [security.openshift.io/v1]
SecurityContextConstraints [security.openshift.io/v1]
storage.k8s.io
About storage.k8s.io
StorageClass [storage.k8s.io/v1]
VolumeAttachment [storage.k8s.io/v1beta1]
template.openshift.io
About template.openshift.io
BrokerTemplateInstance [template.openshift.io/v1]
Template [template.openshift.io/v1]
TemplateInstance [template.openshift.io/v1]
Template [template.openshift.io/v1]
user.openshift.io
About user.openshift.io
Group [user.openshift.io/v1]
Identity [user.openshift.io/v1]
UserIdentityMapping [user.openshift.io/v1]
User [user.openshift.io/v1]
CRI-O Runtime
Using the CRI-O Container Engine
×
Show more results
Overview
This guide covers further configuration options available for your OKD cluster post-installation.