Openshift
Work through every question currently mapped to this canonical topic.
- What types of nodes OpenShift has?
Answer
- Workers: Where the end-user applications are running
- Masters: Responsible for managing the cluster
- Which component responsible for determining pod placement?
Answer
The Scheduler.
- What else the scheduler responsible for except pod placement?
Answer
Application high availability by spreading pod replicas between worker nodes
- OpenShift supports many resources. How to get a list of all these resources?
Answer
oc api-resources - Explain OpenShift CLIs like oc and odo
Answer
oc is used for creating applications, but also for administrating OpenShift cluster
odo is used solely for managing applications on OpenShift (mainly from developers' perspective) and has nothing to do with administrating the cluster
- What is a project in OpenShift?
Answer
A project in OpenShift is a Kubernetes namespace with annotations.
In simpler words, think about it as an isolated environment for users to manage and organize their resources (like Pods, Deployments, Service, etc.).
- How to list all projects? What the "STATUS" column means in projects list output?
Answer
oc get projectswill list all projects. The "STATUS" column can be used to see which projects are currently active. - You have a new team member and you would like to assign to him the "admin" role on your project in OpenShift. How to achieve that?
Answer
oc adm policy add-role-to-user -n - How to create a MySQL application using an image from Docker Hub?
Answer
oc new-app mysql - What is an image stream?
🚧 Answer not written yet.
- What would be the best way to run and manage multiple OpenShift environments?
Answer
Federation
- What is OpenShift Federation?
Answer
Management and deployment of services and workloads across multiple independent clusters from a single API
- Explain the following in regards to Federation:
- Multi Cluster
- Federated Cluster
- Host Cluster
- Member Cluster
Answer
- Multi Cluster - Multiple clusters deployed independently, not being aware of each other
- Federated Cluster - Multiple clusters managed by the OpenShift Federation Control Plane
- Host Cluster - The cluster that runs the Federation Control Plane
- Member Cluster - Cluster that is part of the Federated Cluster and connected to Federation Control Plane
- Multi Cluster
- What is a storage device? What storage devices are there?
Answer
- Hard Disks
- SSD
- USB
- Magnetic Tape
- What is Random Seek Time?
Answer
The time it takes for a disk to reach the place where the data is located and read a single block/sector.
Bones question: What is the random seek time in SSD and Magnetic Disk? Answer: Magnetic is about 10ms and SSD is somewhere between 0.08 and 0.16ms
- What happens when a pod fails or exit due to container crash
Answer
Master node automatically restarts the pod unless it fails too often.
- What happens when a pod fails too often?
Answer
It's marked as bad by the master node and temporary not restarted anymore.
- How to find out on which node a certain pod is running?
Answer
oc get po -o wide - Explain Services and their benefits
Answer
Services in OpenShift define access policy to one or more set of pods.
- They are connecting applications together by enabling communication between them
- They provide permanent internal IP addresses and hostnames for applications
- They are able to provide basic internal load balancing
- Explain labels. What are they? When do you use them?
Answer
- Labels are used to group or select API objects
- They are simple key-value pairs and can be included in metadata of some objects
- A common use case: group pods, services, deployments, ... all related to a certain application
- Labels are used to group or select API objects
- How to list Service Accounts?
Answer
oc get serviceaccounts - What is a Route?
Answer
A route is exposing a service by giving it hostname which is externally reachable
- What Route is consists of?
Answer
- name
- service selector
- (optional) security configuration
- name
- True or False? Router container can run only on the Master node
Answer
False. It can run on any node.
- Given an example of how a router is used
Answer
- Client is using an address of application running on OpenShift
- DNS resolves to host running the router
- Router checks whether route exists
- Router proxies the request to the internal pod
- What are "Security Context Constraints"?
Answer
From OpenShift Docs: "Similar to the way that RBAC resources control user access, administrators can use security context constraints (SCCs) to control permissions for pods".
- How to add the ability for the user
user1to view the projectwonderlandassuming you are authorized to do soAnswer
oc adm policy add-role-to-user view user1 -n wonderland
- How to check what is the current context?
Answer
oc whoami --show-context - What is OpenShift Serverless?
Answer
- In general 'serverless' is a cloud computing model where scaling and provisioning is taken care for application developers, so they can focus on the development aspect rather infrastructure related tasks
- OpenShift Serverless allows you to dynamically scale your applications and provides the ability to build event-driven applications, whether the sources are on Kubernetes, the cloud or on-premise solutions
- OpenShift Serverless is based on the Knative project.
- In general 'serverless' is a cloud computing model where scaling and provisioning is taken care for application developers, so they can focus on the development aspect rather infrastructure related tasks
- What are some of the event sources you can use with OpenShift Serverless?
Answer
- Kafka
- Kubernetes APIs
- AWS Kinesis
- AWS SQS
- JIRA
- Slack
More are supported and provided with OpenShift.
- Kafka
- Explain serverless functions
🚧 Answer not written yet.
- What is the difference between Serverless Containers and Serverless functions?
🚧 Answer not written yet.
- What is Replication Controller?
Answer
Replication Controller responsible for ensuring the specified number of pods is running at all times.
If more pods are running than needed -> it deletes some of them
If not enough pods are running -> it creates more
- OpenShift - Projects 101
Objectives
In a newly deployed cluster (preferably) perform the following:
- Log in to the OpenShift cluster
- List all the projects
- Create a new project called 'neverland'
- Check the overview status of the current project
Answer
Objectives
In a newly deployed cluster (preferably) perform the following:
- Login to the OpenShift cluster
- List all the projects
- Create a new project called 'neverland'
- Check the overview status of the current project
Solution
oc login -u YOUR_USER -p YOUR_PASSWORD_OR_TOKEN oc get projects # Empty output in new cluster oc new-project neverland oc status
OpenShift 101 6 questions
- What is OpenShift?
Answer
OpenShift is a container orchestration platform based on Kubernetes.
It can be used for deploying applications while having minimal management overhead.
- How OpenShift is related to Kubernetes?
Answer
OpenShift is build on top of Kubernetes while defining its own custom resources in addition to the built-in resources.
- True or False? OpenShift is a IaaS (infrastructure as a service) solution
Answer
False. OpenShift is a PaaS (platform as a service) solution.
- True or False? OpenShift CLI supports everything kubectl supports, along with additional functionality
Answer
True
- What are some of OpenShift added features on top of Kubernetes?
Answer
- UI: OpenShift provides unified UI out-of-the-box
- Routes: Simple procedure for exposing services
- Developer Workflow Support: built-in CI/CD (openshift pipelines), built-in container registry and tooling for building artifacts from source to container images
- True or False? To run containers on OpenShift, you have to own root privileges
Answer
False. OpenShift supports rootless containers by default.