DO380 - ch01s12

Preface A: Introduction

Section A.1: Red Hat OpenShift Administration III: Scaling Deployments in the Enterprise

Section A.2: Orientation to the Classroom Environment

Section A.3: Performing Lab Exercises

Chapter 1: Authentication and Identity Management

Section 1.1: The OpenShift OAuth Server and Identity Providers

Section 1.2: Quiz: The OpenShift OAuth Server and Identity Providers

Section 1.3: LDAP Authentication and Group Synchronization

Section 1.4: Guided Exercise: LDAP Authentication and Group Synchronization

Section 1.5: Guided Exercise: Automate LDAP Group Synchronization

Section 1.6: OIDC Authentication and Group Claims

Section 1.7: Guided Exercise: OIDC Authentication and Group Claims

Section 1.8: Guided Exercise: Solve User Sync Conflicts

Section 1.9: Token and Client Certificate Authentication with kubeconfig Files

Section 1.10: Guided Exercise: Token and Client Certificate Authentication with kubeconfig Files

Section 1.11: Lab: Authentication and Identity Management

SectionSection 1.12: Summary

Chapter 2: Backup, Restore, and Migration of Applications with OADP

Section 2.1: Export and Import Application Data and Settings

Section 2.2: Guided Exercise: Export and Import Application Data and Settings

Section 2.3: OADP Operator Deployment and Features

Section 2.4: Guided Exercise: OADP Operator Deployment and Features

Section 2.5: Backup and Restore with OADP

Section 2.6: Guided Exercise: Backup and Restore with OADP

Section 2.7: Lab: Backup, Restore, and Migration of Applications with OADP

Section 2.8: Summary

Chapter 3: Cluster Partitioning

Section 3.1: Node Pools

Section 3.2: Quiz: Node Pools

Section 3.3: Node Configuration with the Machine Configuration Operator

Section 3.4: Guided Exercise: Node Configuration with the Machine Configuration Operator

Section 3.5: Node Configuration with Special Purpose Operators

Section 3.6: Guided Exercise: Node Configuration with Special Purpose Operators

Section 3.7: Lab: Cluster Partitioning

Section 3.8: Summary

Chapter 4: Pod Scheduling

Section 4.1: Pod Scheduling Concepts

Section 4.2: Quiz: Pod Scheduling Concepts

Section 4.3: Quiz: Pod Scheduling Scenarios

Section 4.4: Node Selectors and Taints

Section 4.5: Guided Exercise: Node Selectors and Taints

Section 4.6: High Availability with Affinity Rules and Pod Disruption Budgets

Section 4.7: Guided Exercise: High Availability with Affinity Rules and Pod Disruption Budgets

Section 4.8: Lab: Pod Scheduling

Section 4.9: Summary

Chapter 5: OpenShift GitOps

Section 5.1: GitOps for Kubernetes

Section 5.2: Quiz: GitOps for Kubernetes

Section 5.3: GitOps for Cluster Administration

Section 5.4: Guided Exercise: GitOps for Cluster Administration

Section 5.5: GitOps for Application Management

Section 5.6: Guided Exercise: GitOps for Application Management

Section 5.7: Lab: OpenShift GitOps

Section 5.8: Summary

Chapter 6: OpenShift Monitoring

Section 6.1: Cluster Monitoring

Section 6.2: Guided Exercise: Cluster Monitoring

Section 6.3: Alerts and Notifications

Section 6.4: Guided Exercise: Alerts and Notifications

Section 6.5: Lab: OpenShift Monitoring

Section 6.6: Summary

Chapter 7: OpenShift Logging

Section 7.1: Log Forwarding

Section 7.2: Guided Exercise: Log Forwarding

Section 7.3: Centralized Logging

Section 7.4: Guided Exercise: Centralized Logging

Section 7.5: Lab: OpenShift Logging

Section 7.6: Summary

Chapter 8: Comprehensive Review

Section 8.1: Comprehensive Review

Section 8.2: Lab: Cluster Administration

Bookmark this page

P 1 2 3 4 5 6 7 8

Summary

OpenShift expands the Kubernetes authentication mechanisms by providing a built-in OAuth server to configure external identity providers (IdPs).
You can authenticate to OpenShift by using client certificates and OAuth access tokens.
OpenShift includes users, groups, and identities.
The mapping methods in OpenShift control how OpenShift establishes mappings between the identities of IdPs and the user resources.
In the OpenShift built-in OAuth server, you can configure different IdPs, such as LDAP and OIDC.
When you configure an LDAP IdP, OpenShift automatically synchronizes the users, but not the groups. Synchronizing LDAP groups requires manual action by an administrator and custom automation.
Use OIDC to automatically synchronize users and groups from an OIDC IdP, such as Google, Microsoft Identity Platform, or Keycloak.
OIDC claims enable OpenShift to read the user information from the OIDC token and to populate the user, identity, and group resources.
OpenShift provides by default the kubeadmin user, which is a special system-level user account with administrative access.
Use service accounts and client certificates to authenticate external resources to the Kubernetes API.

Discuss Red Hat OpenShift Administration III: Scaling Deployments in the Enterprise

Go to community

Welcome to Red Hat OpenShift Administration III: Scaling Kubernetes Deployments in the Enterprise!

Syed

12 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat OpenShift Administration III: Scaling Kubernetes Deployments in the Enterprise! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO378.Read more about Red Hat OpenShift Administration III: Scaling Kubernetes Deployments in the Enterprise here.

3

0

30

Revision: do380-4.14-397a507