www.YoYoBrain.com - Accelerators for Memory and Learning Questions for OpenShift

Category: Default - (402 questions) OpenShift:  2 primary tools to serve 1. container runtime - creates containers in application in OpenShift platform Linux 2. orchestration engine - manage cluster of servers running containers OpenShift:  routing layer a software load balancer, when an application is deployed in OpenShift, a DNS entry is created and added to the load balancer, which interfaces with the Kubernetes service OpenShift:  log into cluster and create oc login -u dev -p dev http://....:8443 user named dev with password dev OpenShift:  what is the default port for 8443 OpenShift cluster OpenShift:  what is a cluster's initial All All identity provider user name/password configuration allows any user and password combination to log in. OpenShift:  ____ are the fundamental projects way applications are organized OpenShift:  to create a project called oc new-project image-update image-update --display-name='My image update project' OpenShift:  how to change to project oc project myProj myProj OpenShift:  each application application source code deployment's image is created using _____ custom base image called a builder image and ____ OpenShift:  the component that build config controls the creation of your application containers is _____ OpenShift:  ____ contains all the info build config needed to build an application using its source code OpenShift:  4 things in build config 1. URL for the application source code 2. Name of builder image to use 3. Name of the application container image that is created 4. Events that trigger a new build to occur OpenShift:  the job of deploying and deployment config component upgrading the application is handled by the _____ OpenShift:  how are the number of passed into Kubernetes object called a replicas handled by deployment config replication controller OpenShift:  ____ component is used deployments to track each deployment for an application by deployment config component OpenShift:  image streams used to automate actions in OpenShift.  They consist of links to one or more containers and trigger new deployments when components are updated. OpenShift:  how to deploy an oc new-app application with CLI OpenShift:  see information about the oc describe svc/app-cli service for app-cli OpenShift:  see information about oc describe bc/ build config for OpenShift:  see information about oc describe dc/ deploy config for OpenShift:  create a route for app-cli oc expose svc/app-cli application OpenShift:  get information about oc describe route/app-cli route for app-cli OpenShift: CL to create a liveness probe   oc set probe OpenShift: 2 types of probes 1. liveness probe - pod destroyed if it fails 2. readiness OpenShift: how to manually rollback a oc rollback app-cli deployment for app-cli OpenShift: to enable autoscaling the admin metrics stack must deploy the OpenShift ______OpenShift: 3 main components of OpenShift Hawkular, Heapster, and Apache Cassandra metrics stack OpenShift: the pods that are used to collect openshift-infra and process metrics run in _____ project OpenShift: how to install metrics stack 1. Enter the openshift-infra project oc project openshift-infra 2. run the ansible playbook ansible-playbook OpenShift: _____ is a process that runs on kubelets each OpenShift node and coordinates which tasks the node should execute with OpenShift master OpenShift: object to monitor the metrics and Horizontal Pod Autoscaler - HPA trigger autoscaling OpenShift: CLI to create an HPA object oc autoscale dc/ OpenShift: how to see all the Horizontal Pod oc get hpa Autoscalers OpenShift: how to inspect HPA object app-cli oc describe hpa app-cli OpenShift: a ____ is a threshold you can set resource request that affects scheduling and quality of service OpenShift: set a CPU request for all the pods oc set resources dc in app-cli application to 400 millicores app-cli --requests=cpu=400m OpenShift: ____ are arrays of objects that OpenShift templates can be parameterized and spun up on demand OpenShift: how to see the OpenShift oc get templates -n openshift templates that come installed OpenShift: how to import a template into the oc create -f -n dev dev project OpenShift: _____ is used to orchestrate Kubernetes containers in an OpenShift cluster OpenShift: on each application node, docker Kubernetes depends on ____ to create the containers for each application deployment OpenShift: how are Linux namespaces used provide isolation for the resources running in for containers the container OpenShift: the purpose of cgroups in provide maximum, guaranteed access limits containers for CPU and memory on the application node OpenShift: Linux command to list lsns namespaces OpenShift: uses _____ Linux namespaces to 5 isolate process and resources on application nodes OpenShift: what is purpose of the mount isolates filesystem content, ensuring that Linux namespace content assigned to the container by OpenShift is the only content available to the process running in the container OpenShift: your OpenShift configuration LVM - logical volume manager uses _____ on this device for container LV - logical volume storage.  Each container gets its own _____ when it is created OpenShift: CLI tool to enter an active nsenter --target namespace for another application OpenShift: purpose of UTS Linux Unix time sharing - lets each container have namespace its own hostname and domain name OpenShift: scale the app-cli application to 2 oc scale dc/app-cli --replicas=2 pods OpenShift: run a command on oc exec command OpenShift: purpose of PID Linux namespace isolating visible PIDs in container to only the applications in container OpenShift: the application component that replication controller - rc handles scaling application pods is called ______OpenShift: how to see information on oc describe rc app-cli-1 replication controller for deployment app-cli-1 OpenShift: what field in rc (replication select field, lists the tags controller) and service determines which pods they target OpenShift CP: how to register a system with subscription-manager register Red Hat OpenShift CP: pull the latest subscription subscription-manager refresh data from Red Hat subscription manager OpenShift CP: list available Red Hat subscription-manager list --available subscriptions OpenShift CP: when you get pool ID for subscription-manager attach OpenShift Container Platform from --pod= subscription-manager, how to attach to it OpenShift CP: how to enable more subscription-manager software repos using repos --enable=".." subscription-manager OpenShift CP: the installer for OpenShift atomic-openshift-utils Container Platform is provided by ____ package OpenShift CP: installation command for OCP atomic-openshift-installer install OpenShift CP: command to start OCP systemctl restart atomic-openshift-master-api atomic-openshift-master-controllers OpenShift CP: basic command for admin oc adm tasts OpenShift CP: where is the master config file /ect/origin/master/master-config.yaml OpenShift: delete the default router oc delete all -l router=router OpenShift: create a new default router oc adm router --replicas=1 --service=account=router OpenShift: delete the default registry oc delete all -l docker-registry=default OpenShift: create the docker-registry service oc adm registry using registry service account OpenShift: 3 steps to configure persistent 1. provision a volume that points to a storage storage for the image registry server on your network 2. create a volume claim 3. manually add the claim to the registry service OpenShift: login into remote server oc login -u username -p password --server=  -- insecure-skip-tls-verify OpenShift: track progress of the build of the oc logs -f bc/ruby-ex application ruby-ex OpenShift: see the build statistics oc get builds OpenShift: get status of applications oc status OpenShift: create a route for external clients oc expose service ruby-ex to application ruby-ex OpenShift: view new route after running oc get route oc expose service OpenShift: how to edit the BuildConfig for oc edit bc/ruby-ex app ruby-ex OpenShift: see the webhook URL in oc describe bc ruby-ex BuildConfig for app ruby-ex OpenShift: manually rebuild image for app oc start-build ruby-ex ruby-ex OpenShift: view a list of projects oc get projects OpenShift: manually start build for ruby-ex oc start-build ruby-ex --follow and stream the logs OpenShift: default OpenShift router HAProxy software OpenShift: S2I Source-to-image - tool for building reproducible docker image.  Produces images by injecting source code into a Docker image and assembling a new Docker image OpenShift: add the user named developer to oc adm policy add-role-to-user view project called mysecrets view developer -n mysecrets OpenShift: how to switch to different user oc login --username developer developer if logged into multiple accounts OpenShift: how to switch login to another oc login cluster OpenShift: get a list of all OpenShift cluster oc config get-clusters you have ever logged into OpenShift: get a list of all contexts that have oc config get-contexts ever been created, indicating what users on those clusters you have logged into as OpenShift: see a list of all resources that oc get all -o name have been created in the project so far OpenShift: see all resources with tag oc get all --selector app=blog -o name app=blog OpenShift: delete all resources with tag oc delete all --selector app=blog app=blog OpenShift: how to verify an image name is oc new-app --search valid OpenShift: deploy a Docker image oc new-app as new application  OpenShift: get the route to application oc get route/django django OpenShift: when a Docker image is pulled Image Stream down to create an application, a _____ is created to track the image OpenShift: how to see all image streams in a oc get imagestream -o name project OpenShift: get details of image stream for oc describe imagestream/django the application named django OpenShift: how to import a Docker image oc import-image into project --confirm OpenShift: Deploy a new application from oc new-app image stream called --name my-app OpenShift: how to see who you are logged in oc whoami as OpenShift: monitor the progress of any oc get builds --watch builds in a project OpenShift: how to start a build from a oc start-build blog --from-dir=. --wait directory OpenShift: get a list of all the different oc get resource object types OpenShift: a high level description of the oc types main resource object types OpenShift: 2 equivalent ways to get oc describe route/parksmap description of route for parksmap application oc describe route parksmap OpenShift: to see a description of the oc explain route.spec.host purpose of a specific filed in the raw object example: host field of spec object in route OpenShift: export route oc export route/parksmap -o parksmap definition to be used to json create a new resource in a different project or cluster OpenShift: to be able to change an existing oc replace -f def.json resource from a JSON/YAML definition metadata.name must be the same as the object to be replaced OpenShift: command to edit a value in place oc patch on a resource OpenShift: monitor progress as oc rollout status dc/database application database is deployed OpenShift: to create an interactive shell in oc rsh database-1-x pod database-1-x OpenShift: copy files into a pod oc rsync OpenShift: set an environment variable on oc set env dc/blog COLOR=red app blog COLOR=red OpenShift: how to synchronize local oc rsync django/. directory django with pod and push :/path/to/app --no-perms --watch & any changes OpenShift: how to see all persistent volume oc get pvc claims OpenShift: how to remove a persistent oc set volume dc/dummy --remove volume --name=tmp-mount OpenShift: how to mount a persistent volume oc set volume dc/dummy --add to dummy application --name= --claim-name= --type=pvc OpenShift: an individual route can override setting annotation on the route definition some its defaults by _____ OpenShift: Open Service Broker API standard for requesting cloud services from different vendors OpenShift: cluster service broker a service that conforms to the Open Service Broker API and manages a set of one or more services OpenShift: template service broker (TSB) gives the service catalog visibility into the default Instant App and Quick Start templates that have shipped with OpenShift Container Platform OpenShift: to isolate a project network in the oc adm pod-network cluster isolate-projects OpenShift: view the logs for the Docker oc logs dc/docker-registry registry OpenShift: how to give permissions to a user oc policy add-role-to-user be able to use docker pull command registry-viewer OpenShift: to allow user to be able to run oc policy add-role-to-user docker push registry-editor OpenShift: how to login to docker registry on oc login cluster docker login -u openshift -p $(oc whoami -l) :port OpenShift: what is used for OCP Registry Prometheus metrics metrics OpenShift: fetch the service IP and port of oc get svc/docker-registry registry OpenShift: how to pause the docker-registry oc rollout pause dc/docker-registry service OpenShift: resume the docker-registry oc rollout resume dc/docker-registry service OpenShift: what is a pass-through route Encrypted traffic is sent straight to the destination without the router providing TLS termination OpenShift: 2 supported router plugins HAProxy F5 router OpenShift: the default service account is router named ______OpenShift: 389 Directory Server Open Source LDAP server OpenShift: router sharding uses NAMESPACE_LABELS and ROUTE_LABELS to filter router namespaces and routes.  This enables you to distribute subsets of routes over multiple router deployments. OpenShift: location of master server config /etc/origin/master/master-config.yaml OpenShift: node server config files /etc/origin/node/node-config.yaml OpenShift: you can add new hosts to your scaleup.yaml cluster by running the ____ playbook OpenShift: create a user oc create user OpenShift: create a user from identity oc create identity ldap-provider:dave provider ldap-provider called dave OpenShift: map identity provider oc create useridentitymapping ldap-provider named bob to OpenShift ldap-provider:bob bob_smith Content Platform user bob_smith OpenShift: container-native versus native - Gluster storage runs containerized container-ready storage for GlusterFS directly on OpenShift Container Platform nodes ready - runs on its own dedicated nodes and is managed by instance of heketi OpenShift: heketi open source project that provides REST management interface to manage the life cycle of GlusterFS volumes OpenShift: each kubelet exposes Heapster metrics that can be collected and stored in backend by _____ OpenShift: etcd open source reliable clustered, distributed key-value store OpenShift: API server Kubernetes API server validates and configures the data for pods and services OpenShift: show the authorization rule sets oc describe for admin default cluster role clusterrole.rbac admin OpenShift: 2 levels of RBAC roles and Cluster RBAC - applicable across all projects bindings Local RBAC - scoped to a given project OpenShift: how to apply custom roles and oc auth reconcile -f FILE permissions OpenShift: security context constraints SCC control the actions that a pod can perform and what it has the ability to access OpenShift: how to see the SCC (security oc export scc/privileged context constraint) privileged  OpenShift: how to determine what you are oc policy con-i --list allowed to do as user OpenShift: to determine if you can perform a oc policy can-i specific OpenShift: PV persistent volume OpenShift: PVC persistent volume claim OpenShift: PVCs are specific to a ______project and used by developers as a means to grab persistent volume (PV) a _____   OpenShift: scope of PV shared across the entire OCP cluster OpenShift: admission controller intercepts requests to the master API prior to the persistence of a resource, but after the request is authenticated and authorized.  If any plug-in rejects the request, the entire request is rejected. OpenShift: 2 types of admission webhook 1. Mutating admission webhooks - can objects modify resource content before it is persisted 2. Validating admissions webhooks - validation OpenShift: limit range produces a mechanism to enforce min/max limits placed on resources in a Kubernetes namespace consumed by an individual pod or container OpenShift: ResourceQuota way to limit resource requests across objects in a namespace OpenShift: SkyDNS a distributed service for announcement and discovery built on top of etcd OpenShift: DNS service run on master node SkyDNS for service discovery OpenShift: on a node host, each container's master name nameserver has the _____ added to the ..cluster.local front, and the default seach domain for the container will be ____ OpenShift: ovs-subnet plugin provides a flat pod network where every pod can communicate with every other pod and service OpenShift: ovs-multitenant plug-in provides project-level isolation for pods and service OpenShift: OCP supports the ______as the Kubernetes Container Network (CNI) interface between the OCP and Kubernetes OpenShift: pod preset an object that injects user-specified information into pods as they are created OpenShift: the pod preset feature is available Service Catalog only if ____ has been installed OpenShift: init container a container in a pod that is started before the pod app containers are started.  When a pod starts, the init containers are started in order and must finish before the next one is run.   OpenShift: headless services no load-balancing or proxy is used and no cluster IP is allocated for this service.  OpenShift: the servers that back a service endpoints are called its _____ OpenShift: image stream images points from within an image stream to a particular image ID @ OpenShift: image stream tags a named pointer to an image in an imagestream :< tag> OpenShift: get information about the image oc describe is/ stream for OpenShift: to get all the information about a oc describe particular image stream tag istag/: OpenShift: job similar to a replication controller, but jobs are for one-time pods OpenShift: 2 ways requests to the OCP API 1. OAuth Access tokens are authenticated 2. X.509 Client Certificates OpenShift: authorization is managed using 1. rules - permitted actions on objects _____ 2. roles - collection of rules 3. bindings - associations between users/groups and roles OpenShift: RBAC Role Based Access Control OpenShift: builder pods require access to source clone secrets any git repos defined as the source for a oc new-app https://myrepo build.  ____ are used to pass --source-secret=yoursecret information needed to access OpenShift: when specifying a remote URL append # for new-app, how to indicate a specific git oc new-app branch https://# OpenShift: the new-app command creates a build configuration ____, which itself creates a ____ from application image source code OpenShift: logic for new-app to create a build 1. If a Jenkins file exists, a Pipeline build strategy strategy 2. If Dockerfile is found, a Docker build strategy is used 3. Otherwise, it uses a source build strategy OpenShift: how to override the build strategy --strategy=docker in new-app OpenShift: how does language detection Look for certain file types to map over to a work in new-app for source build strategy language such as mapping setup.py to python.  System then searches for image stream tags that have a support annotation that matches the detected language. OpenShift: how to override the image the put imagestream followed by ~ and git build uses for a particular repo in new-app source oc new-app ~ OpenShift: create an application from oc new-app mysql DockerHub MySQL image OpenShift: to create an application using an specify the full Docker image spec image in a private registry oc new-app myregistry:5000/example/myimage OpenShift: how to store an application oc create -f template from file OpenShift: how to create a new-app with a oc new-app -f template in local file system OpenShift: when creating an application -p or --param argument based on templates, how to pass in oc new-app ruby-world -p parameters ADMIN_USER_NAME=admin OpenShift: how to pass in template --param-file== parameters from a file OpenShift: 2 ways to specify environment 1. -e or --env variables to pass in the application container or when running new-app 2.) --env-file OpenShift: how to specify environment --build-env variables, to the build container when or running new-app --build-env-file OpenShift: to do a dry run of new-app and use the -o or -output argument with yaml or see an output json value OpenShift: how to explicitly set name --name= when running new-app OpenShift: how to create objects in a -n or --namespace different project OpenShift: how to group images and source separate names with + in a single pod oc new-app ruby+mysql or -- group oc new-app myapp mysql --group=ruby+my sql OpenShift: delete all the pods for the oc delete pod -l app=app-cli app-cli application OpenShift: 3 ways a liveness probe can 1. HTTP(S) checks on URL check container health 2. Container execution - script run in container 3. TCP socket check OpenShift: Prometheus open source monitoring and altering solution, that is being introduced to provide and visualize cluster metrics OpenShift: Ansible playbook to install openshift-metrics.yml OpenShift metrics OpenShift: 3 levels of service quality when 1. Guaranteed making a resource request 2. Burstable 3. Best Effort OpenShift: requests and limits can be set by LimitRange default on a project-wide basis by creating a ____ object OpenShift: how to see pre-installed oc get templates -n openshift templates OpenShift: instantiate an app from the oc new-app --template= template OpenShift: make user a cluster administrator oc adm policy add-cluster-role-to-user cluster-admin OpenShift: in Linux, support for containers Linux Containers project LXC revolves around the ______OpenShift: OCI handles these 2 specs 1. Runtime Specification - (runtime-spec) 2. Image Specification (image-spec) OpenShift: Red Hat's publically hosted OpenShift Online OpenShift service OpenShift: Red Hat's OpenShift Dedicated Cloud-based OpenShift with dedicated clusters OpenShift: how to specify using VirtualBox minishift start --vm-driver=virtualbox with a Minishift cluster OpenShift: how to get instructions on setting minishift oc-env up shell environment for Minishift to find oc command OpenShift: to access the web console for minishift console OpenShift when using Minishift OpenShift: how to change MiniShift default minishift config configuration for CPUs, memory and disk space OpenShift: Red Hat's version of Minishift Red Hat Container Development Kit OpenShift: Command to start a cluster on oc cluster up local VM OpenShift: to find the URL for OpenShift web oc whoami --show-server console OpenShift: how to have the local cluster use config options: --use-existing-config, information to be reusable --host-config-dir, and --host-data-dir OpenShift: get a list of common options oc options accepted by all oc commands OpenShift: when using REST API what has Same token as used in command line to be sent in the head of requests login Authorization: Bearer OpenShift: how to get authorization token for oc whoami --show-token current login OpenShift: what character can be used for lower case letters, numbers and dash project names character - OpenShift: find the current project oc project OpenShift: remove a user from a project oc adm policy remove-role-from-user edit OpenShift: get a list of the users who have oc get rolebindings access to a project and their roles OpenShift: how to edit membership of project Go to project list, click the three-dot menu using GUI icon for the project and select View Membership OpenShift: where does the list of builders in Looking for images in the current project and Catalog come from the openshift project that have been labeled as builder images OpenShift: the ___ project acts as a global openshift repository for builder images and templates OpenShift: get a list of available images oc get imagestreams OpenShift: command line equivalent of oc new-app -L seeing similar results from Browse Catalog in GUI OpenShift: behavior when the hostname is OpenShift will default to first looking for the left off when specifying an image for image on any global image registries that a application cluster admin has specified OpenShift: how to check on the staus of the oc status overall project OpenShift: how to see what environment oc set env dc/ --list variables will be set in the container OpenShift: see the list of image stream oc get is definitions OpenShift: if you need to deploy multiple Import the image into OpenShift separate apps from one oc import-image image:   --confirm OpenShift: what must be done on cluster first must create an empty image stream for it before pushing an image on local machine oc create to OpenShift internal registry imagestream   OpenShift: how to prepare an image on your Must tag it with details of OpenShift registry, local machine before pushing to OpenShift your project and name of image stream and registry image version. docker tag //:  OpenShift: default security model for It will be run with an assigned Unix user ID applications while running  unique to the project you are deploying into  OpenShift: what is best practice for image to be able to run as any Unix user ID  design in terms of the user ID a program is run in OpenShift: how to deploy an application, Run new-app with imagestream from when new-build is used first  new-build instead of builder image and repo URL  OpenShift: how to trigger a new build after oc start-build using new-build to new-app process  bc/  OpenShift: what happens when a builder All applications that used it will be rebuilt and image is updated  re-deployed  OpenShift: best practices when specifying a Specifying exact version instead of using builder image  latest, so your apps aren't rebuilt with incompatible software   OpenShift: how to trigger a rebuild oc start-build bc/ using local source files, overriding git repo --from-dir=.  OpenShift: how to revert back to repo after start a new build without specifying an input using start-build with --from-dir  source oc start-build bc/  OpenShift: binary input source build  To run a single build from a local source  OpenShift: use case for binary input source Useful during the development of an build  application.  You can iterate on changes without pushing to a Docker repo.  OpenShift: how to create a binary input build oc new-build --name --binary configuration  --strategy=source --image-stream   OpenShift: when using binary input build using oc start-build with --from-dir strategy, how do you trigger a build  option  OpenShift: the mechanism for running unit use a post-commit hook  tests on the application source code or verify the image before it is pushed to the internal registry OpenShift: how to specify a post-commit oc set build-hook bc/ hook on build config  --post-commit "command" command issued to replace the original image entry point  OpenShift: to remove a post-commit build oc set build-hook bc/ hook  --remove  OpenShift: how to set environment variables --env specific to build step, if using a new-build to oc new-build --name --env new-app process  X=y  OpenShift: to have full control over how the Docker build  image is built and application run in build stage you have to use ___ strategy  OpenShift: Docker build strategy can application image be used to construct ____ or _____ S2I builder image OpenShift: how does Docker build strategy using the docker build command to process work the instructions contained in the Docker file OpenShift: what privileges are needed for Must be able to run as root for docker build Docker build strategy command and the build of the image has to be able to run as root OpenShift: command to create an S2I builder oc new-app --name image from a Dockerfile --strategy=docker OpenShift: how to supply build arguments --build-args when building an image from a Docker file OpenShift: what must be present in appropriate ARG instructions Dockerfile to use --build-args when building an image from Dockerfile OpenShift: how to build directly from local use new-build with --dockerfile option Dockerfile cat Dockerfile | oc new-build --name --dockerfile=- OpenShift: the command line tool that drives s2i the S2I build process OpenShift: how to build a container image s2i build with S2I OpenShift: in S2I build process, after an assemble script provided by the S2I injecting and unpacking source code, a builder image _____ will be run OpenShift: what instruction in Dockerfile is LABEL with values that start with io.k8s. used to configure S2I builder image Ex: io.k8s.description="Simple HTTP server" OpenShift: what 2 scripts does S2I assemble - moves source code to correct use in builder image location and prepares it run - script to be run when image is launched OpenShift: how to include usage instructions script named: usage for S2I builder image OpenShift: what are requirements on S2I 1. The application should run in foreground builder image run script 2. Use exec command to execute it.  This ensures that it inherits proccess ID 1 of the container. OpenShift: In S2I builder image, both the Add this line to start of each script. assemble and run scripts should fail set -eo pipefile immediately if any part fails.  How to accomplish? You must add an annotation for the S2I OpenShift: how to have your S2I builder builder image stream. show up in catalog of web console   annotations:  tags: builder OpenShift: process to allow oc create, If image is hosted on DockerHub, you can in place or oc import-image for an S2I host the image stream definition using any builder web server and run oc create -f OpenShift: 3 different ways that S2I 1. Include different version of the scripts with assemble and run scripts can be overridden your application source code or extended 2. Hosting them on separate webserver and referencing them from the build configuration 3. Or for run script, by mounting it into a container from a config map or persistent volume OpenShift: how to move S2I builder Add them to source code in the file environment values into source code instead .s2i/environment of --build-env in oc new-app command OpenShift: how to override assemble and Put your own scripts in the run scripts in S2I builder image in source .s2i/bin directory of app source code code OpenShift: typical use case when overriding Perform some action, then execute the assemble and run scripts in S2I original script builder images OpenShift: where is application code directory: /tmp/src originally injected into when using S2I builder image OpenShift: option for replacing/extending Has the assemble and run scripts in a assemble/run scripts in S2I builder image if separate code repo and set up the build you can't add to the original source files config to download them from that location by editing the build build config using spec.strategy.sourceStrategy script property. OpenShift: how to override run script in Edit the deployment configuration for the image built using S2I builder image application deployed from the image.  The run script will need to be stored in a persistent volume and provided using a config map item mounted as a file into the container or placed into a temp volume using an init container OpenShift: create a config map using local oc create configmap file --from-file= OpenShift: how to mount a config map into oc set volume dc/ --add an application --type=configmap --configmap-name= --mount-path= OpenShift: what must be done to use an S2I Necessary to override the metadata of the build to create a new S2I builder that image created.  This can be done from behaves differently an assemble script by creating the file /tmp/.s2i/image_metadata.json and overriding the labels for the image that specify where the assemble and run script are located OpenShift: 2 mechanisms designed to 1. incremental builds reduce the time taken to run S2I builds of an 2. chained builds application OpenShift: 3 requirements for an S2I builder 1. must not discard build artifacts that could to support incremental builds be carried over to a subsequent build 2. Must provide a script to extract the build artifacts from the image created by the previous build. 3. Must know how to look for and use any build artifacts injected into container for the new build. OpenShift: for S2I builder to support save-artifacts incremental builds, the S2I builder must provide ____ script to extract build artifacts from the previous build image OpenShift: for a S2I builder utilizing a tar archive stream of the build artifacts incremental build, the output from the save-artifacts script should be _____ OpenShift: when the S2I build process is run - temporary container from image produced and incremental build support is enabled a by previous build ____ will be started and ____ command run - save-artifacts and ____ into container for new build - output of script will be captured and injected OpenShift: where will the output of /tmp/artifacts save-artifacts will be placed when the S2I build process is run with incremental build support OpenShift: to enable incremental builds for set the an existing build configuration, you must spec.strategy.sourceStrategy.incremental ______property to true OpenShift: 2 key differences of S2I builder 1. Files copied from separate image versus chain build versus incremental build being copied from previous build 2. you can chose the location where the files will be copied to OpenShift: what must be set to configure deploy key GitHub to allow OpenShift to access a private repo OpenShift: how to upload a private SSH key oc secrets new-sshauth --ssh-privatekey= OpenShift: how to link builder service oc secrets link builder account access to SSH key in secrets OpenShift: how to link an SSH secret add annotation to source code repo oc annotate secret/ 'build.openshift.io/source-secret-math-uri-l=< repo-address> OpenShift: create a secret for HTTPS oc secrets interaction with Git repo new-basicauth  --username --prompt OpenShift: with OpenShift 3.2, how to supply Use --source-secret option with new-app or Github secret for access new-build OpenShift: how to connect Github rep with Configure the Git repo hosting service with OpenShift build configuration the details of the URL OpenShift accepts for the callback OpenShift: how to regenerate the webhook Run "oc set triggers" with build URL with a new secret token configuration name as argument and pass the option --from-github, --from-gitlab, or --from-bitbucket OpenShift: how to get the URL for a generic oc set triggers webhook --from-webhook OpenShift: when running an "oc set env" enclose the argument with single quote how to use an earlier environment variable in 'somthing$(ENV1)morestuff' a later environment variable OpenShift: how to delete an environment use name of environment variable followed variable for deploy config by -: oc set env dc/ =- OpenShift: how to restrict setting an call 'oc set env' using --container environment variable to a single container option OpenShift: how to allow a project to use any oc adm policy add-scc-to-user user ID including root anyuid -z default OpenShift: meaning of The image is the name of S2I builder that will ~ syntax in new-app be combined with code to use for a Source usage build strategy OpenShift: how to run the build step oc new-build separately versus new-app OpenShift: when new-build is used instead of an imagestream new-app, the runnable image created is saved away as ______OpenShift: how to pass config map with oc set env dc/ --from environment variables in a deployment configmap/ configuration OpenShift: create a config map with simple oc create configmap  key/value pairs passed in command --from-literal KEY1=value1 --from-literal KEY2=value2 OpenShift: how to create a config map from oc create configmap  a file --from-file OpenShift: to mount a config map into a oc set volume dc/ --add container as a set of files --configmap-name --mount-path= OpenShift: alternate to config map for secret handling sensitive data OpenShift: how to create a secret from oc create secrets passing in key-value pairs --from-literal KEY=value OpenShift: when using a secret in a template under the stringData field rather than definition, you can supply the values as the data field clear text in secret.yml file, as long as you add them _____ OpenShift: how to pass a secret into build oc set env dc/ --from configuration secret/ OpenShift: to mount a secret into a file oc set volume dc/ --add system --secret-name --mount-path= OpenShift: how to delete config maps and oc delete configmap,secret secrets OpenShift: in order to accept connections on 0.0.0.0 a port outside the pod, an application should 127.0.0.1 or localhost bind to the network address ____ and not _____ OpenShift: to get a list of the pod IP oc get endpoints addresses associated with a service, you use ______OpenShift: when using the unqualified name only from within the project where the of the service for an application as the application is deployed hostname, the name will be resolvable _____ OpenShift: the format for an application's ..svc.cluster.lo fully qualified hostname cal OpenShift: how to open up access between oc adm pod-network  projects OpenShift: how to use your own custom use --hostname in 'oc expose' hostname for externally exposed route command OpenShift: how to get clients to use a secure use 'oc create route' instead of 'oc connection from external expose' OpenShift: 3 types of secure external routes edge - terminated by router, passthrough, supported and reencrypt OpenShift: how to create a secure oc create route edge connection with edge termination --service OpenShift: to allow a web application to oc create route edge accept both secure/insecure connections   -- service --insecure-policy Allow OpenShift: to redirect insecure connections oc create route edge to secure connections --service --insecure-policy Redirect OpenShift: consequences of containers not unable to use privileged port numbers below running as root user on port usage 1024 OpenShift: see what ports a service is oc get services advertised as OpenShift: override port used when running --port option 'oc expose' or 'oc create route' OpenShift: 2 ways to expose non-HTTP 1. Dedicate a public IP address for service services to external and configure network routing to pass connections to any port on that address to IP address of internal service 2. a dedicated port on gateway host for the cluster could be assigned to the service OpenShift: how to temporarily expose oc port-forward a port to a local machine OpenShift: 3 access modes for persistent 1. ReadWriteOnce - mounted by single node storage 2. ReadOnlyMany 3. ReadWriteMany OpenShift: if you need a persistent volume use --claim-class option with a particular storage class OpenShift: what happens when 'oc set The application will be automatically volume' is run redeployed with the persistent volume mounted into each container OpenShift: how to list persistent volumes oc set volume dc/ added against an application OpenShift: to share one persistent volume pass --subpath option to between multiple applications but have them oc set volume be able to see only a subset of what is stored OpenShift: if the requirement is for file use special volume type called emptyDir sharing only between containers in a pod oc set volume with --type=emptyDir and not persistence OpenShift: how to release a persistent oc delete pvc/ volume claim OpenShift: 2 types of reclaim policies for Recycle and Retain persistent volumes OpenShift: when quotas are applied on a oc describe quota per-project basis, you can view them with  OpenShift: how to see a quota that is across oc describe multiple projects appliedclusterresourcequota OpenShift: see limit ranges oc describe limits OpenShift: to modify the resource oc set resources dc/ --limits requirements for you application memory=512Mi OpenShift: to register a container command oc set probe dc/ --liveness -- as a probe OpenShift: to register the success of a oc set probe dc/ --readiness socket connection as a probe --open-tcp OpenShift: get a list of all nodes known to oc get nodes the master OpenShift: to list information about a single oc get node node OpenShift: get detailed information on node oc describe node OpenShift: ____ and _____ allow the node taints to control which pods should (or should not) tolerations be scheduled on them OpenShift: a _____ allows a node to refuse a taint pod to be scheduled unless that pod has a toleration matching _____ OpenShift: add a taint to an existing node oc adm tain nodes key1=value1: OpenShift: 3 effects allowed on node taint NoSchedule PreferNoSchedule NoExecute OpenShift: view the resource usage on all oc adm top nodes nodes OpenShift: delete node from cluster oc delete node OpenShift: to add or update labels on a node oc label node key1=value1 OpenShift: to list pods on one or more nodes oc adm manage-node --list-pods OpenShift: to mark a node as unschedulable oc adm manage-node --schedulable=false OpenShift: mark a currently oc adm manage-node --scheduable unschedulable node as scheduable. OpenShift: to evacuate all or selected pods oc adm drain on node [--pod-selector=] OpenShift: list the parameters in a template oc process --parameters -n