Skip to main content

OpenShift Operations

Hands-On Lab


Photo of

Training Architect





OpenShift Operations

In this scenario, we have been tasked with reconfiguring an internal-only OpenShift cluster to be accessible on the public internet. Since the cluster will be open to the outside world, it's been asked that htpasswd authentication be enabled. The cluster owners have requested that a backup of the master be created before any changes are made... just in case.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

  • Create a backup of master using script
$ git clone
$ cd openshift-ansible-contrib/reference-architecture/day2ops/scripts/
$ bash
  • edit master-config.yml to set the MasterPublicURL to the public IP for the instance.
masterPublicURL: https://openshift.$
  • Change the cluster identityprovider from AllowAll to DenyAll
  • Update the "openshift_web_console" oauthconfig URL
oc get oauthclients
oc edit oauthclient openshift_web_console
  • Update the PublicUrl and the consolePublicURL openshift-web-console configmap.
oc edit configmap/webconsole-config -n openshift-web-console
  • Restart the origin-master-controllers & origin-master-api services to propagate changes.
systemctl restart origin-master-controllers origin-master-api