Skip to main content

Prerequisites to Deploying OpenShift on Azure

Hands-On Lab


Photo of Jesse Hoch

Jesse Hoch

DevOps Training Architect II





In this lab you will be creating a key vault in an existing resource group to use for your OpenShift installation. You will be generating a an ssh key and storing it in the key vault. You will need to use the Azure CLI tools in the cloud shell using bash.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Prerequisites to Deploying OpenShift on Azure


In this hands-on lab, we will create a key vault, generate the SSH keys, and then store the private key in the key vault via Azure CLI commands.


Log in to the Azure Portal using the credentials provided on the lab instructions page.

Configure Cloud Shell

  1. If a Welcome to Microsoft Azure get started window appears, click Maybe layer.

  2. On the left-hand side navigation menu, click All Resources.

  3. Set up Cloud Shell by clicking the "Cloud Shell" icon button in the top-right hand corner of the screen:

    "Azure Cloud Shell"

  4. When prompted to choose an environment, click Bash to begin configuring the Cloud Shell.

  5. On the "You have no storage mounted" window, click Show advanced settings.

  6. Leave and use the existing subscription, resource group, and storage account.

    Note: If the storage account does not populate, ensure that West US is selected for the Cloud Shell region field .

  7. Under Storage account, click the radio button for Use existing.

  8. Under File share, choose the radio button for Create new and specify okdcloudshell as the new file share name.

  9. Click Create Storage.

    Note: Upon completion, we should see a status of Cloud Shell.Succeeded.

Create a Key Vault Using Azure CLI

  1. Now use the Cloud Shell that we just created to run the Azure CLI keyvault create command for creating a key vault to store our SSH key in that we will create in the next task. It should look similar to this:

    az keyvault create --resource-group --name keyvaultOKD --enabled-for-template-deployment true

    Note: Make sure you replace the resource group in the command with the one in your lab. Also you may need to change the name of the key vault or add a 1 to the end of the name. It should show as Running and may take a couple of minutes to successfully complete.

  2. Navigate back to the Microsoft Azure All Resources section, and then click Refresh to see keyvaultOKD. If keyvaultOKD is in use, append a few random numbers to the end of the name.

Generate SSH Keys

  1. Now in the Cloud Shell, we will need to generate SSH keys. We will store them in the .ssh directory and name it openshift_rsa. Make sure not to use a passphrase:

    ssh-keygen -f ~/.ssh/id_rsa -t rsa -N ''

Store Your SSH Key in the Key Vault

  1. Store our SSH key that was just created in the last task in the key vault using the keyvault secret set Azure CLI command:

    az keyvault secret set --vault-name keyvaultOKD --name keysecret --file ~/.ssh/id_rsa


Congratulations — you've completed this hands-on lab!