OpenShift

Notes on OpenShift¹. To deploy operators on OpenShift see operators.

OpenShift is a container application platform developed by Red Hat, based on Kubernetes. It automates the processes of installation, upgrades, and lifecycle management for containerized applications across clusters. OpenShift supports a variety of programming languages and frameworks, facilitating the development, deployment, and scaling of applications in a cloud environment. It integrates development and operations workflows, aiming to improve productivity and support DevOps practices. The platform emphasizes security and scalability, offering tools for managing container applications in enterprise settings.

Cookbook

App selection

To get the name of all resources matching a certain label:

$ oc get all --selector app=$APPNAME -o name

To delete said resources use:

$ oc delete all --selector app=$APPNAME

Image loading

gRPC routes

To enable sending gRPC requests to an OpenShift route, you will need to create a route that exposes the gRPC service and configure the necessary settings:

Deploy your gRPC application to OpenShift: First, you need to have a gRPC application running on OpenShift. You can use oc new-app or oc create commands to deploy your application.
Create a Service for your gRPC application: You need to create a Kubernetes service that exposes your gRPC application within the OpenShift cluster. Create a YAML file (e.g., grpc-service.yaml) with the following content:

apiVersion: v1
kind: Service
metadata:
  name: grpc-service
  labels:
    app: grpc-service
spec:
  selector:
    app: grpc-service
  ports:
    - protocol: TCP
      port: 80
      targetPort: <gRPC-server-port>

Replace <gRPC-server-port> with the port your gRPC server is listening on. Then, apply the service configuration using the oc apply command:

oc apply -f grpc-service.yaml

Create a Route for your gRPC service: Create a YAML file (e.g., grpc-route.yaml) with the following content:

apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: grpc-route
spec:
  to:
    kind: Service
    name: grpc-service
  port:
    targetPort: <gRPC-server-port>
  tls:
    termination: passthrough

Replace <gRPC-server-port> with the port your gRPC server is listening on. The termination field is set to passthrough to allow end-to-end TLS encryption for gRPC traffic.

Apply the route configuration using the oc apply command:

oc apply -f grpc-route.yaml

Get the Route’s hostname: You can get the hostname of your newly created route by running:

oc get route grpc-route -o jsonpath='{.spec.host}'

This hostname is what your gRPC clients will use to connect to the service.

Configure your gRPC client: Update your gRPC client to use the route’s hostname to send requests to the gRPC service. Remember to use the appropriate TLS settings, as gRPC communication is encrypted by default.

With these steps completed, your gRPC service should be accessible through the OpenShift route, and you can send gRPC requests to it.

CodeReady Containers

SSH into VM

To SSH into a running CRC machine use

ssh -i ~/.crc/machines/crc/id_ecdsa core@192.168.130.11

From inside the VM you can issue normal oc commands, such as listing the nodes

oc get nodes --context admin --cluster crc --kubeconfig /opt/kubeconfig

Certificates

Self-signed certificates

Footnotes

https://www.redhat.com/en/technologies/cloud-computing/openshift↩︎