After installing OKD, a cluster administrator can configure and customize the following components:
Machine
Cluster
Node
Network
Storage
Users
Alerts and notifications
Cluster administrators can perform the following post-installation configuration tasks:
Configure operating system features:
Machine Config Operator (MCO) manages MachineConfig
objects. By using MCO, you can perform the following tasks on an OKD cluster:
Configure nodes by using MachineConfig
objects
Configure MCO-related custom resources
Configure cluster features: As a cluster administrator, you can modify the configuration resources of the major features of an OKD cluster. These features include:
Image registry
Networking configuration
Image build behavior
Identity provider
The etcd configuration
Machine set creation to handle the workloads
Cloud provider credential management
Configure cluster components to be private: By default, the installation program provisions OKD by using a publicly accessible DNS and endpoints. If you want your cluster to be accessible only from within an internal network, configure the following components to be private:
DNS
Ingress Controller
API server
Perform node operations: By default, OKD uses Fedora CoreOS (FCOS) compute machines. As a cluster administrator, you can perform the following operations with the machines in your OKD cluster:
Add and remove compute machines
Add and remove taints and tolerations to the nodes
Configure the maximum number of pods per node
Enable Device Manager
Configure network: After installing OKD, you can configure the following:
Ingress cluster traffic
Node port service range
Network policy
Enabling the cluster-wide proxy
Configure storage: By default, containers operate using ephemeral storage or transient local storage. The ephemeral storage has a lifetime limitation. TO store the data for a long time, you must configure persistent storage. You can configure storage by using one of the following methods:
Dynamic provisioning: You can dynamically provision storage on demand by defining and creating storage classes that control different levels of storage, including storage access.
Static provisioning: You can use Kubernetes persistent volumes to make existing storage available to a cluster. Static provisioning can support various device configurations and mount options.
Configure users: OAuth access tokens allow users to authenticate themselves to the API. As a cluster administrator, you can configure OAuth to perform the following tasks:
Specify an identity provider
Use role-based access control to define and supply permissions to users
Install an Operator from OperatorHub
Manage alerts and notifications: By default, firing alerts are displayed on the Alerting UI of the web console. You can also configure OKD to send alert notifications to external systems.