DO180 - ch02s07

Bookmark this page

Lab: Kubernetes and OpenShift Command-line Interfaces and APIs

Find detailed information about your OpenShift cluster and assess its health by querying its Kubernetes resources.

Outcomes

Use the command line to retrieve information about the cluster resources.
Identify cluster operators and API resources.
List the available namespaced resources.
Identify the resources that belong to the core API group.
List the resource types that the oauth.openshift.io API group provides.
List the resource usage of containers in a pod.
Use the JSONPath filter to get the number of allocatable pods and compute resources for a node.
List the memory and CPU usage of all pods in the cluster.
Use jq filters to retrieve the conditions status of a pod.
View cluster events and alerts.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

[student@workstation ~]$ lab start cli-review

Instructions

The API URL of your OpenShift cluster is https://api.ocp4.example.com:6443, and the oc command is already installed on your workstation machine.

Log in to the OpenShift cluster as the developer user with the developer password. Use the cli-review project for your work.

[student@workstation ~]$ oc login -u developer -p developer \
  https://api.ocp4.example.com:6443
...output omitted...

Create the cli-review project.

[student@workstation ~]$ oc new-project cli-review
Now using project "cli-review" on server "https://api.ocp4.example.com:6443".
...output omitted...

Use the oc command to list the following information for the cluster:

Retrieve the cluster version.
Identify the supported API versions.
Identify the fields for the pod.spec.securityContext object.

Identify the cluster version.

[student@workstation ~]$ oc version
Client Version: 4.14.0
Kustomize Version: v5.0.1
Kubernetes Version: v1.27.6+f67aeb3

Identify the supported API versions.

[student@workstation ~]$ oc api-versions
admissionregistration.k8s.io/v1
apiextensions.k8s.io/v1
apiregistration.k8s.io/v1
apiserver.openshift.io/v1
apps.openshift.io/v1
apps/v1
...output omitted...

Identify the fields for the pod.spec.securityContext object.

[student@workstation ~]$ oc explain pod.spec.securityContext
KIND:     Pod
VERSION:  v1

FIELD: securityContext <PodSecurityContext>

DESCRIPTION:
...output omitted...

From the terminal, log in to the OpenShift cluster as the admin user with the redhatocp password. Then, use the command line to identify the following cluster resources:

List the cluster operators.
Identify the available namespaced resources.
Identify the resources that belong to the core API group.
List the resource types that the oauth.openshift.io API group provides.
List the events in the openshift-kube-controller-manager namespace.

[student@workstation ~]$ oc login -u admin -p redhatocp \
  https://api.ocp4.example.com:6443
...output omitted...

List the cluster operators.

[student@workstation ~]$ oc get clusteroperators
NAME                         VERSION   AVAILABLE   PROGRESSING   DEGRADED   SINCE
authentication               4.14.0    True        False         False      12h
baremetal                    4.14.0    True        False         False      31d
cloud-controller-manager     4.14.0    True        False         False      31d
cloud-credential             4.14.0    True        False         False      31d
cluster-autoscaler           4.14.0    True        False         False      31d
config-operator              4.14.0    True        False         False      31d
console                      4.14.0    True        False         False      31d
...output omitted...

List the available namespaced resources.

[student@workstation ~]$ oc api-resources --namespaced
NAME                    SHORTNAMES  APIVERSION  NAMESPACED  KIND
bindings                            v1          true        Binding
configmaps              cm          v1          true        ConfigMap
endpoints               ep          v1          true        Endpoints
events                  ev          v1          true        Event
limitranges             limits      v1          true        LimitRange
persistentvolumeclaims  pvc         v1          true        PersistentVolumeClaim
pods                    po          v1          true        Pod
...output omitted...

Identify the resources that belong to the core API group.

[student@workstation ~]$ oc api-resources --api-group ''
NAME                     SHORTNAMES   APIVERSION   NAMESPACED   KIND
bindings                              v1           true         Binding
componentstatuses        cs           v1           false        ComponentStatus
configmaps               cm           v1           true         ConfigMap
endpoints                ep           v1           true         Endpoints
events                   ev           v1           true         Event
limitranges              limits       v1           true         LimitRange
namespaces               ns           v1           false        Namespace
nodes                    no           v1           false        Node
...output omitted...

List the resource types that the oauth.openshift.io API group provides.

[student@workstation ~]$ oc api-resources --api-group oauth.openshift.io
NAME                 SHORTNAMES  APIVERSION            NAMESPACED KIND
oauthaccesstokens                oauth.openshift.io/v1 false      OAuthAccessToken
oauthauthorizationtokens         oauth.openshift.io/v1 false      OAutheAuthorizationToken
...output omitted...

Retrieve the events for the openshift-kube-controller-manager namespace.

[student@workstation ~]$ oc get events -n openshift-kube-controller-manager
LAST SEEN TYPE    REASON                  OBJECT                              ...
48m       Normal  CreatedSCCRanges        pod/kube-controller-manager-master ...
21m       Normal  CreatedSCCRanges        pod/kube-controller-manager-master ...
14m       Normal  CreatedSCCRanges        pod/kube-controller-manager-master ...

Identify the following information about the cluster services and its nodes:

Retrieve the conditions status of the etcd-master01 pod in the openshift-etcd namespace by using jq filters to limit the output.
List the compute resource usage of the containers in the etcd-master01 pod in the openshift-etcd namespace.
Get the number of allocatable pods for the master01 node by using a JSONPath filter.
List the memory and CPU usage of all pods in the cluster.
Retrieve the compute resource consumption of the master01 node.
Retrieve the capacity and allocatable CPU for the master01 node by using a JSONPath filter.

Retrieve the conditions status of the etcd-master01 pod in the openshift-etcd namespace. Use jq filters to limit the output to the .status.conditions attribute of the pod.

[student@workstation ~]$ oc get pods etcd-master01 -n openshift-etcd \
  -o json | jq .status.conditions
[
  {
    "lastProbeTime": null,
    "lastTransitionTime": "2023-03-12T16:40:35Z",
    "status": "True",
    "type": "Initialized"
  },
  {
    "lastProbeTime": null,
    "lastTransitionTime": "2023-03-12T16:40:47Z",
    "status": "True",
    "type": "Ready"
  },
  {
    "lastProbeTime": null,
    "lastTransitionTime": "2023-03-12T16:40:47Z",
    "status": "True",
    "type": "ContainersReady"
  },
  {
    "lastProbeTime": null,
    "lastTransitionTime": "2023-03-12T16:40:23Z",
    "status": "True",
    "type": "PodScheduled"
  }
]

List the resource usage of the containers in the etcd-master01 pod in the openshift-etcd namespace.

[student@workstation ~]$ oc adm top pods etcd-master01 \
  -n openshift-etcd --containers
POD             NAME           CPU(cores)   MEMORY(bytes)
etcd-master01   POD            0m           0Mi
etcd-master01   etcd           54m          1513Mi
etcd-master01   etcd-metrics   5m           24Mi
etcd-master01   etcd-readyz    4m           39Mi
etcd-master01   etcdctl        0m           0Mi

Use a JSONPath filter to determine the number of allocatable pods for the master01 node.

[student@workstation ~]$ oc get node master01 \
  -o jsonpath='{.status.allocatable.pods}{"\n"}'
250

List the memory and CPU usage of all pods in the cluster. Use the --sum option to print the sum of the resource usage. The resource usage on your system probably differs.

[student@workstation ~]$ oc adm top pods -A --sum
NAMESPACE        NAME                                    CPU(cores)  MEMORY(bytes)
metallb-system   controller-5f6dfd8c4f-ddr8v             0m          56Mi
metallb-system   metallb-operator-controller-manager-... 0m          50Mi
metallb-system   metallb-operator-webhook-server-...     0m          26Mi
metallb-system   speaker-2dds4                           9m          210Mi
...output omitted...
                                                         --------    --------
                                                         505m        8982Mi

Retrieve the resource consumption of the master01 node.

[student@workstation ~]$ oc adm top node
NAME       CPU(cores)   CPU%   MEMORY(bytes)   MEMORY%
master01   1199m        15%    12555Mi         66%

Use a JSONPath filter to determine the capacity and allocatable CPU for the master01 node.

[student@workstation ~]$ oc get node master01 -o jsonpath=\
'Allocatable: {.status.allocatable.cpu}{"\n"}'\
'Capacity: {.status.capacity.cpu}{"\n"}'
Allocatable: 7500m
Capacity: 8

Retrieve debugging information for the cluster. Specify the /home/student/DO180/labs/cli-review/debugging directory as the destination directory.

Then, generate debugging information for the kube-apiserver cluster operator. Specify the /home/student/DO180/labs/cli-review/inspect directory as the destination directory. Limit the debugging information to the last five minutes.

Retrieve debugging information for the cluster. Save the output to the /home/student/DO180/labs/cli-review/debugging directory.

[student@workstation ~]$ oc adm must-gather \
  --dest-dir /home/student/DO180/labs/cli-review/debugging
[must-gather      ] OUT Using must-gather plug-in image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:07d3...e94c
...output omitted...
Reprinting Cluster State:
When opening a support case, bugzilla, or issue please include the following summary data along with any other requested information:
ClusterID: 94ff22c1-88a0-44cf-90f6-0b7b8b545434
ClusterVersion: Stable at "4.14.0"
ClusterOperators:
        All healthy and stable

Generate debugging information for the kube-apiserver cluster operator. Save the output to the /home/student/DO180/labs/cli-review/inspect directory, and limit the debugging information to the last five minutes.

[student@workstation ~]$ oc adm inspect clusteroperator kube-apiserver \
  --dest-dir /home/student/DO180/labs/cli-review/inspect --since 5m
Gathering data for ns/metallb-system...
...output omitted...
Wrote inspect data to /home/student/DO180/labs/cli-review/inspect.

Evaluation

As the student user on the workstation machine, use the lab command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab grade cli-review

Finish

As the student user on the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish cli-review

Discuss Red Hat OpenShift Administration I: Operating a Production Cluster

Go to community

Version 4.12.2 versus 4.12 of DO180 course?

DRobitaille

21 lis 2023

I just noticed that there is now a version 4.12.2 of the DO180. Currently without any new updated videos. Do we have access to some sort of changelog to judge how different the new version is compared to 4.12. I'm currently in the process of reviewing the content of DO180/DO280 in preparation for my upcoming EX280 exam (based on "4.12"), so I'm wondering if it's worth studying the 4.12.2 version instead of 4.12.

470

Red Hat OpenShift Administration I: Containers & Kubernetes (DO180)

Haley_Ruccio

20 lip 2023

Deploy, manage, and troubleshoot containerized applications running as Kubernetes workloads in OpenShift clusters.Course DescriptionRed Hat OpenShift Administration I: Managing Containers and Kubernetes (DO180) prepares OpenShift cluster administrators to manage Kubernetes workloads and to collaborate with developers, DevOps engineers, system administrators, and SREs to ensure the availability of application workloads. This course focuses on managing typical end-user applications that are often accessible from a web or mobile UI and that represent most cloud-native and containerized workloads. Managing applications also includes deploying and updating their dependencies, such as databases, messaging, and authentication systems.The skills that you learn in this course apply to all versions of OpenShift, including Red Hat OpenShift on AWS (ROSA), Azure Red Hat OpenShift, and OpenShift Container Platform.This course is based on Red Hat OpenShift 4.12.Course Content SummaryManaging OpenShift clusters from the command-line interface and from the web console.Troubleshooting network connectivity between applications inside and outside an OpenShift cluster.Connecting Kubernetes workloads to storage for application data.Configuring Kubernetes workloads for high availability and reliability.Managing updates to container images, settings, and Kubernetes manifests of an application.Target AudienceSystem administrators and platform operators who are interested in managing OpenShift clusters and containerized applications.Site Reliability Engineers who are interested in maintaining and troubleshooting containerized applications on Kubernetes.System and software architects who are interested in learning and using the features and functions of an OpenShift cluster.Developers and Site Reliability Engineers that are new to container technology should enroll in Red Hat OpenShift Development I: Introduction to Containers with Podman (DO188).Recommended trainingTake our free assessment to gauge whether this offering is the best fit for your skills.Prerequisite: Containers, Kubernetes and Red Hat OpenShift Technical Overview or equivalent knowledge of Linux containers.Technology considerationsThis course requires internet access to access the cloud-based classroom environment that provides an OpenShift cluster and a remote administrator’s workstation.

Welcome to the Red Hat OpenShift Administration (DO180) group in the Red Hat Learning Community!

Deanna

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat OpenShift Administration I - Containers & Kubernetes! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home screen.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO180.Read more about Red Hat OpenShift Administration I here.

114

Revision: do180-4.14-b6cd706