Skip to main content

OpenShift Operations

Hands-On Lab


Photo of joel


Training Architect





OpenShift Operations In this scenario, we have been tasked with reconfiguring an internal-only OpenShift cluster to be accessible on the public internet. Since the cluster will be open to the outside world, it's been asked that htpasswd authentication be enabled. The cluster owners have requested that a backup of the master be created before any changes are made... just in case.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

  • Create a backup of master using script
$ git clone
$ cd openshift-ansible-contrib/reference-architecture/day2ops/scripts/
$ bash -h
  • edit master-config.yml to set the MasterPublicURL to the public IP for the instance.
masterPublicURL: https://openshift.$
  • Change the cluster identityprovider from AllowAll to DenyAll
  • Update the "openshift_web_console" oauthconfig URL
oc get oauthclients
oc edit oauthclient openshift_web_console
  • Restart the origin-master-controllers & origin-master-api services to propagate changes.
systemctl restart origin-master-controllers origin-master-api