Scribd
Upload
130 views2 pages

Note

The document outlines a series of tasks for managing identity providers, creating projects, user permissions, resource quotas, and limits in an OpenShift environment. It includes specific instructions for user creation, project access levels, group management, autoscaling configurations, and deploying applications across various projects. Additionally, it details the creation of secrets and secure routes for applications, ensuring they are accessible and functional.

Uploaded by

Muhamad Fadel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
130 views2 pages

Note

The document outlines a series of tasks for managing identity providers, creating projects, user permissions, resource quotas, and limits in an OpenShift environment. It includes specific instructions for user creation, project access levels, group management, autoscaling configurations, and deploying applications across various projects. Additionally, it details the creation of secrets and secure routes for applications, ensuring they are accessible and functional.

Uploaded by

Muhamad Fadel
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

1.

Manage identity providers :


a. Configure the OAuth to use HTPasswd as the identity provider
b. Secret name should be ex 280-secure and identity provider name should be
ex280-idp-secure
c. Create user mike with password blackcat
d. Create user david with password openSky
e. Create use john with password dec2023

touch htpasswd.txt
htpasswd -c -B -b <nama_file> <nama_user> <password_user>
oc create secret generic <nama_secret> --from-file htpasswd=<asal_file> -n openshift-
config
(ke consol openshift buat oauth baru dengan type htpasswd)
oc get oauth cluster -o yaml > <namafile.yaml>
oc replace -f <namafile.yaml>

2. Create project with named alpha,beta and gama


a. Mike user should have cluster administrator
b. John user should have administrative access in project
c. David should not have access to create project
d. Kubeadmin user should not exist
3. Create a group with named prod and dev
a. Add mike user in prod group
b. Add david and john users in dev
4. Give edit permission to dev group on alpha project give administrative permission to
prod groups on beta project
5. Create resource quota by name myquota for project alpha:
a. Pods = 10
b. Cpu = 4
c. Services = 6
d. Memory = 1Gi
e. Secrets = 5
6. Create resource limit by name mylimit for project gama and defining resource range as
mentioned below:
a. For pods min cpu limit is “3m” and max is “400m”
b. For containers min cpu limit is “10m” and max is “50m” and default request of
“30m”
c. For pods min memory is “30Mi” and max is “50Mi”
d. For containers min memory is “20Mi” and “60Mi” and default request of “40Mi”
7. There is an application in project loan, application is running. Make sure you are able to
acces the application on browser
8. Create service account by name mysa in sigma, there is an application deployed in that
project. The process inside the container can be executed with any user id. Make sure
you assign required role to to the service id and application should be running and
accessible
9. In project devops, there is an application running with one pod. Scale the deployment to
run 4 pods. Make sure, all pods are running.
10. In an insurance project you need to set up autoscaling for pods based on cpu utilization.
The requirements for autoscaling are as follows:
a. The minimum number of replicas should be 3
b. The maximum number of replicas should be 9
c. Autoscaling should be triggered based on cpu utilization reaching 70%
d. The containers in the pods have the following default CPU resource requests and
limits:
e. Default CPU request for each container is “10m” (millicores)
f. Default CPU limit for each container is “100m” (millicores)
11. Create secret with named circus in cloud project. The key name should be
decode_value and the value of key should be babablackship=
12. use the secret created earliner under cloud project there is one pod in cloud project. It
should be circus secret decode_value (scriptfile-given) = openssl com
13. Create a secure route in cricket project. There is already an executable file under
/usr/local/bin/new_cert.sh, execute this script to create the certificate. Use the generated
certificate to create secure route.
a. One application is already running named with hello
b. It should run on https with self-signed certificate
c. It should use subi ‘/CN=classified.apps.domain3.example.com’ it should run on
https with following
d. Url https://classified.apps.ocp4.example.com application should produce output
14. Deploy application in the project rocket: there is one pod already running and application
should produce output
15. An application is deployed in the project modi. There is one pod already running and
application should produce output
16. An application is deployed in the project moon. There is one pod already running and
application should produce output. Dont make any changes in resource

You might also like