Index
[A][B][C][D][E][F][G][H][I][J][K][L][M][N][O][P][Q][R][S][T][U][V][W][Y][Z]
A
admin users
copying configuration
logging in as
administrators, creating
cluster admins
project admins
Allow All identity provider
annotating images, with security information
Ansible
Apache Kafka
API object support.
See native API object support.
app-cli pod
applications
accessing, 2nd
adding persistent storage using web interface
adding volume to
applying limits and quotas to
building
clustering with Wildfly
components
build configs
custom container images
deployment configs
image streams
configuring node networks
deployed, changing quotas for
deployments, 2nd
changing SCCs for
exposing services with routes
with web interface
isolating, with kernel namespaces
maintaining
creating liveness probes
creating readiness probes
maintaining replicas
nodes
configuring container storage for
preparing
routing requests
investigating HAProxy pods
routing HAProxy requests to correct pods
with HAProxy
scaling, 2nd
scheduling across nodes
serving
testing after adding persistent storage
forcing pod restart
persistent volume mounts
testing resiliency
labels
replication controllers
selectors.
See stateful applications.
architecture
accessing applications
handling network traffic in clusters
integrating container images
assigning user roles
authentication, changing providers
autoinstaller project
automating image promotion
autoscaling
testing implementation
with metrics
determining expected workloads
installing OpenShift metrics
triggering pod autoscaling with pod metrics
B
best-effort deployment
BestEffort, 2nd
blkid command
bridges, Linux
build configs, 2nd
builder image, 2nd
Burstable
C
-c option
CAP_SYS_MODULE
cat command
CentOS, 2nd
configuring disk setup
launching installer
rebooting
setting permanent configurations on servers
general configuration tab
IPv4 settings
setting up networking
hostname resolution
starting installation
cgroups (control groups), 2nd, 3rd
cgroups kernel feature
confirming resource limits
verifying container CPU limits
verifying container memory limits
identifying container cgroups
limiting resources with
overview
CI/CD pipelines
container images with
creating development environments
enabling deployments with image streams
invoking object triggers
Jenkins as backbone of
masking sensitive data in production environments
config maps for environment-specific settings
protecting sensitive data with secrets
promoting dev images into test environments
automating image promotion with image stream triggers
service discovery
CIDR (classless inter-domain routing)
claims, persistent volume
cleanup of applications
clusters
clustering applications with Wildfly
creating cluster admins
handling network traffic in
options
command lines
adding volume to applications on
creating new resources from
creating persistent volume claims using
viewing events on
config maps
for environment-specific settings
implementing
--config parameter
ConfigChange trigger
configuring
/etc/resolv.conf
application node networks
container storage for application nodes
disk setup
DNS resolution on both servers
identity providers
changing authentication providers
htpasswd
master nodes
updating inventory
updating playbooks
NetworkManager
NFS
OpenShift SDN
creating advanced network designs with ovs-networkpolicy plugins
enabling ovs-multitenant plugins
isolating traffic with ovs-multitenant plugins
testing multitenant plugins
using ovs-subnet plugins
repositories on all servers
SELinux on nodes
storage for NFS
consoles, access to
container execution checks
container images
container lifecycle hooks
container platforms
container runtime, 2nd
containers
accessing root filesystems
CPU limits, verifying
creating with Docker
custom images
disadvantages of
identifying cgroups
images with CI/CD pipelines
in Docker
in OpenShift
integrating images
interactive shells in
lifecycle hooks
linking to host interfaces
Linux and
application isolation with kernel namespaces
OpenShift components
memory limits
networking
orchestrating
overview of, 2nd
persistent storage vs container storage
PIDS in
resource utilization with
scanning images
changing SCCs for application deployment
deploying image-scanning applications
obtaining image-scanning applications
viewing events on command lines
viewing security scan results
storage needs
use cases
contexts, SELinux
continuous integration and deployment pipelines.
See CI/CD pipelines.
controllerManagerArgs field
cookies, limitations of
CPU limits, verifying
CPU requests, setting
CrashLoopBackOff status
curl command
custom container images
D
DAC (discretionary access control)
data
in production environments
config maps for environment-specific settings
protecting sensitive data with secrets
permanent, handling requirements
sensitive
masking in production environments
protecting with secrets
Wildfly, verifying replication
data dominance
default groups
deny-execution annotation
deployment, 2nd
changing SCCs for
configs
maintaining application replicas
managing upgrade methods
modifying
enabling with image streams
exposing services with routes
managing with OpenShift
providing consistent application access with services
running deployment playbook
strategies for
with web interface
deployment configs
DeploymentConfiguration
deployments
deterministic sequencing
of startup, with stateful sets
Dev Build job
dev images, promoting into test environments
automating image promotion with image stream triggers
service discovery
development environments, creating
enabling deployments with image streams
invoking object triggers
display name
DNS (domain name server)
internal, locating services with
resolution
configuring on both servers
in pod networks
nip.io domain
selecting hostnames
docker exec command
docker inspect, 2nd
Docker platform
Docker inspect
enabling on nodes
getting running containers
interactive shells in containers
starting on nodes
docker-storage-setup application
docker.io component
dockercfg secret
domain name server.
See DNS.
E
EBS (Elastic Block Storage)
edit role
environment variables
environment-specific settings, config maps for
EPEL (Extra Packages for Enterprise Linux)
/etc/fstab file, editing to include volume
/etc/resolv.conf file, configuring
etcd database
eth0 interface
events, viewing on command lines
exportfs command
F
Failed phase, pod
filesystems
accessing container root filesystems
creating on storage disks
firewalls, setting rules to allow NFS traffic
for loop
forbidden window
FQDNs (fully qualified domain names), 2nd
G
GCP (Google Cloud Platform)
Git Repository URL
Gogs service, triggering Jenkins from
graceful shutdowns
container lifecycle hooks
selecting method
setting grace periods for application cleanup
Guaranteed setting
H
HAProxy
pods
routing requests to correct pods
routing requests with
hardware, exotic
headless services, enabling
application clustering with Wildfly
querying OpenShift API server from pods
use cases for direct pod access
verifying Wildfly data replication
HorizontalPodAutoscaler
hostname command
hostnames
resolution in CentOS 7
selecting
HPA (horizontal pod autoscaler) objects, creating
limits
requests
setting CPU requests
htpasswd
creating database
overview
httpd command
HTTPS checks
HTTPS, access to
I
-i option
identity providers, configuring
changing authentication providers
htpasswd
IETF website
image policies
image streams, 2nd
enabling deployments with
triggers, automating image promotion with
image tags, 2nd
Image Uploader program
IMAGE_TO_SCAN_URL parameter
image-scanning applications
deploying
obtaining
images
annotating with security information
automating promotion with image stream triggers
container images
scanning
with CI/CD pipelines
custom container images
image streams
integrating container images
promoting.
See also dev images.
InfiniBand
Initial Delay value
install-gogs pod
installing
CentOS 7
configuring disk setup
launching installer
rebooting
setting permanent configurations on servers
setting up networking
starting installation
NFS server software
oc OpenShift command-line utility
confirming installation of
installing on Linux
installing on macOS
installing on Windows
OpenShift
creating inventory
machine resource requirements
metrics
prerequisites for
running deployment playbook
software on application-node servers
software on master servers
integration, native
interfaces, linking containers to
internet, access to
inventory
creating
updating
ip a command
ip utility
IPC namespace
iptables command
IPv4 settings, in CentOS 7
isolating
applications with kernel namespaces
container networking
mount namespace
PIDS in containers
shared memory resources
UTS namespaces
resources with Linux
traffic, with ovs-multitenant plugins
J
jeduncan component
Jenkins server
as backbone of CI/CD pipelines
triggering from Gogs
Jenkinsfile, native integration with
JGroups
K
kernel namespaces, isolating applications with
container networking
mount namespace
PIDS in containers
shared memory resources
UTS namespaces
KUBE_PING
kubelet service
kubepods-besteffort.slice
kubepods-burstable.slice
Kubernetes, 2nd
L
labels, 2nd
latest tag
limit ranges
LimitRange object
limits, 2nd
applying to existing applications
confirming cgroup resource limits
limit ranges
verifying container CPU limits
verifying container memory limits
Linux OS
containers and
application isolation with kernel namespaces
OpenShift components
installing oc OpenShift command-line utility on
isolating resources with
limiting resources with
managing pod capabilities
liveness probes
logging in
as admin user
oc command-line application
to OpenShift web interface
logic layer
loopback interface
lsblk command, 2nd
lsns command
LV (logical volume)
LVM (logical volume management)
M
MAC (mandatory access control)
mappingMethod
maxLimitRequestRatio
MCS (multi-category security)
MCS levels
memory
shared resources
verifying container memory limits
metrics
autoscaling with
determining expected workloads
installing OpenShift metrics
triggering pod autoscaling with pod metrics
stacks
millicores
Minishift
monolith applications
mount namespace
mounting storage disk at startup
activating mountpoint
creating mountpoint directory
editing /etc/fstab to include volume
storage drive block ID
N
-n parameter
--name parameter
nameserver parameter
namespaces
NAT (Network Address Translation)
native API object support, for stateful applications with stateful sets
consistent persistent storage mappings
deterministic sequencing of startup and shutdown order with stateful sets
examining a stateful set
predictable network identity
stateful applications without native solutions
stateful set limitations
network design
network file system application.
See NFS (Network File System) application.
network identity, predictable
Network namespace
network traffic, handling in clusters
networking
configuring application node networks
configuring OpenShift SDN
creating advanced network designs with ovs-networkpolicy plugins
enabling ovs-multitenant plugins
isolating traffic with ovs-multitenant plugins
testing multitenant plugins
using ovs-subnet plugins
containers
in CentOS 7
installing DNS resolution in pod networks
locating services with internal DNS
managing OpenShift SDN
configuring application node networks
linking containers to host interfaces
working with OVS
routing application requests
investigating HAProxy pods
routing HAProxy requests to correct pods
with HAProxy
NetworkManager, configuring
networkPluginName parameter
new_nodes group
NFS (network file system) application
configuring
configuring storage for
confirming volume
enabling
installing server software
starting services
traffic, setting firewall rules to allow
nfs-utils package
NGINX
nip.io domain
nodes
adding
configuring application node networks
configuring container storage for
configuring SELinux on
enabling Docker on
master, configuring
updating inventory
updating playbooks
scheduling applications across with Kubernetes
starting Docker on
NotBestEffort pods
NotTerminating pods
nsenter command
O
oadm (OpenShift administration)
object triggers, invoking
oc autoscale command
oc command-line application
oc create command, 2nd, 3rd
oc delete pod command
oc describe command, 2nd
oc describe resourcequota command
oc export command
oc get pod command
oc get pods command
oc get pv command
oc get quota command
oc login command
oc new-app command, 2nd, 3rd
oc new-project command
oc OpenShift command-line utility
confirming installation of
installing
on Linux
on macOS
on Windows
oc path command
oc policy command
oc project command
oc rsh command
oc set probe command
oc set triggers command
Open vSwitch.
See OVS.
OpenFlow
OpenSCAP
OpenShift
components
creating containers with Docker
isolating and limiting resources with Linux
scheduling applications across nodes with Kubernetes
containers in
installation
installation, prerequisites for
administrator or root access
available systems or creating virtual machines
communication between servers
creating inventory
DNS resolution
internet access
machine resource requirements
networking information
running deployment playbook
server access
installing metrics
metrics stacks
managing deployments with
querying API server from pods
SDN, configuring
creating advanced network designs with ovs-networkpolicy plugins
enabling ovs-multitenant plugins
isolating traffic with ovs-multitenant plugins
testing multitenant plugins
using ovs-subnet plugins
SDN, managing
configuring application node networks
linking containers to host interfaces
working with OVS
web interface
logging in to
OpenShift SDN network plugin
orchestration engine
OVS (Open vSwitch)
multitenant plugins
enabling
isolating traffic with
testing
networkpolicy plugins, creating advanced network designs with
overview
subnet plugins
ovs-multitenant
ovs-networkpolicy
ovs-subnet
P
-p option
PATH variable
Pending phase, pod
permissions
persistent storage, 2nd
adding to application using web interface
adding volume to applications on command line
consistent mappings
container storage vs
creating persistent volume
creating new resources from command line
creating physical volume
logging in as admin user
creating persistent volume claims
with command line
with web interface
handling permanent data requirements
mounting storage disk at startup
activating mountpoint
creating mountpoint directory
editing /etc/fstab to include volume
storage drive block ID
NFS (Network File System)
configuring
configuring storage for
confirming volume
enabling and starting
installing server software
setting firewall rules to allow traffic
starting services
testing applications after adding
forcing pod restart
persistent volume mounts
persistent volume
claims
creating with web interface
using command line
creating
logging in as admin user
new resources from command line
physical volume
mounts
persistentVolumeClaim
pet set
php-demo-app component
physical volume, creating
selecting reclaim policy
selecting storage access mode
PID (process ID)
--pid option
PIDS (process identification numbers)
in containers
playbook code, Ansible
playbooks
running deployment playbook
updating
pod network
pods
controlling user ID
DNS resolution in networks
forcing restart
HAProxy
isolating with MCS levels
managing Linux capabilities
querying OpenShift API server from
routing HAProxy requests to
security contexts
triggering autoscaling with pod metrics
avoiding thrashing
creating HPA objects
testing autoscaling implementation
use cases for direct access
policies, SELinux
PostStart hook
presentation layer
preStop hook
privileged option
privileged pod
process identification numbers, in containers
production environments, masking sensitive data in
config maps for environment-specific settings
protecting sensitive data with secrets
project admins
project quotas
projects, creating
promoteToTest tag, 2nd
promoting images
property accessor
ps command
PVCs (persistent volume claims)
python-pip package
Q
QoS (quality of service)
querying OpenShift API server, from pods
quotas
applying to existing applications
changing for deployed applications
creating compute quotas
for resources
R
-R option
RC (replication controllers)
readiness probes, creating
reclaim policy, selecting
Recycle option
replica set
replicas, maintaining
replication controllers (RC)
repositories, configuring on servers
requests
resiliency of applications, testing
labels
replication controllers
selectors
resource limit
resources
creating from command line
isolating with Linux
limit ranges
limiting with cgroups
confirming limits
identifying container cgroups
overview
limiting with Linux
machine resource requirements
quotas
creating compute quotas
creating resource quotas
restart of pods, forcing
Retain option
rolling upgrades
rollout command
routes
routing
application requests
investigating HAProxy pods
with HAProxy
exposing services with routes
HAProxy requests to correct pods
routing layer
ROX (Read-only many)
runAsUser parameter
Running phase, pod
RWO (Read/Write once)
RWX (Read/Write many)
S
S2I
scale command
scaling applications, 2nd.
See also autoscaling.
scanning container images
changing SCCs for application deployment
deploying image-scanning applications
installing software on
obtaining image-scanning applications
viewing events on command lines
SCCs (security context constraints)
scheduling applications across nodes with Kubernetes
scopes
SDN (software-defined networking), 2nd
search parameter
secrets, protecting sensitive data with
secure socket shell protocol.
See ssh (secure socket shell) protocol.
security
annotating images with security information
pod security contexts
controlling pod user ID
managing pod Linux capabilities
MCS levels
scanning container images
changing SCCs for an application deployment
deploying image-scanning applications
obtaining image-scanning applications
viewing events on command lines
viewing security scan results
SELinux core concepts
applying labels with SELinux contexts
enforcing SELinux with policies
isolating pods with MCS levels
SELinux labels
security context constraints, changing for application deployment
selectors
SELinux module
configuring on nodes
contexts, applying labels with
enforcing with policies
isolating pods with MCS levels
labels
seLinuxOptions
semanage command
servers
access to
application-node servers, installing software on
communication between
configuring DNS resolution on
configuring /etc/resolv.conf
configuring NetworkManager
configuring repositories on
master servers, installing software on
setting permanent configurations on
service component
services
discovery
DNS
environment variables
fixing ToDo by injecting environment variables
exposing with routes
maintaining applications
creating liveness probes
creating readiness probes
providing consistent application access with
scaling applications
testing application resiliency
labels
replication controllers
selectors
with internal DNS, locating.
See also headless services.
serving applications
shared storage, NFS
shells, in containers
show-all=false option
shutdown order, with stateful sets
signals, Linux
SIGTERM signal
SkyDNS
software-deployment pipeline
ssh (secure socket shell) protocol, access to, 2nd
ssh-copy-id command
ssh-keygen command
startup, deterministic sequencing of
stateful applications
demonstrating sticky sessions
enabling headless services
application clustering with Wildfly
querying OpenShift API server from pods
use cases for direct pod access
verifying Wildfly data replication
graceful shutdowns
container lifecycle hooks
selecting method
setting grace periods for application cleanup
integrating
native API object support for, with stateful sets
without native solutions
stateful sets
deterministic sequencing of startup with
examining
limitations of
native API object support for stateful applications with
consistent persistent storage mappings
predictable network identity
stateful applications without native solutions
shutdown order with
stateless applications, integrating
sticky sessions
storage
attaching to applications, with web interface
container storage, configuring for application nodes
disks, creating filesystems on
selecting access mode.
See also persistent storage.
storage disks, mounting at startup
activating mountpoint
creating mountpoint directory
editing /etc/fstab to include volume
storage drive block ID
storage layer
Succeeded phase, pod
system users
systemctl command
systemctl-cgls command
systemd command
T
tar utility
TCP socket checks
Terminating pods
test environments, promoting dev images into
automating image promotion with image stream triggers
service discovery
testing
application resiliency
labels
replication controllers
selectors
applications after adding persistent storage
forcing pod restart
persistent volume mounts
autoscaling implementation
ovs-multitenant plugins
thrashing, avoiding
time sharing, Unix
Timeout value
timeslices
ToDo application, fixing by injecting environment variables
toggling sticky sessions
traffic, isolating with ovs-multitenant plugins
tun0 interface
type enforcement
U
Unix time sharing namespaces
Unknown phase, pod
updating
inventory
playbooks
upgrades, managing methods
usebuttons property
user roles
assigning
creating administrators
creating cluster admins
creating project admins
setting default
users.
See also admin users.
UTS (Unix time sharing) namespaces
UUID (unique identifier)
V
veth (virtual Ethernet interface), 2nd
virtual machines, 2nd
VNID (VXLAN network identifier)
volume
adding to applications on command line
editing /etc/fstab to include
volume claim template
VXLAN (virtual extensible local area network)
W
watch command
web interface
adding persistent storage to applications
attaching storage to applications with
creating persistent volume claims with
deploying applications with
OpenShift, logging in to
webhooks, Gogs
wildcard record, DNS
Wildfly server
clustering applications with
verifying data replication
workloads, determining