openshift-tips.txt

OSE TIPS:

To edit/view security in OCP

   oc edit scc privileged
   
To edit/view ANY UID in OCP
   
   oc edit scc anyuid   

To give cluster-admin role to a user

1.	login as admin in openshift 

2.	# Give cluster-admin role at the cluster scope

	oadm policy add-cluster-role-to-user cluster-admin <user name> 
	oadm policy add-cluster-role-to-user cluster-admin pkar	-- for example

3.	# Give privileged scc access to the user
	
	oadm policy add-scc-to-user privileged <user name>
	oadm policy add-scc-to-user privileged pkar	-- for example
	
Run pod/container with root privilege
       
   oadm policy add-scc-to-user anyuid -z default
   
Enable Container Images that Require Root

   oadm policy add-scc-to-user anyuid system:serviceaccount:<project>:<service account>
   oadm policy add-scc-to-user anyuid system:serviceaccount:myproject:mysvcacct

For any Security related

   https://docs.openshift.com/enterprise/3.2/admin_guide/manage_scc.html

Command for daily use:

oc login -u system:admin
oc whoami
oc whoami -t 
oc get nodes --show-labels=true
oc adm policy add-cluster-role-to-user cluster-admin <username>
oc label node <nodename> <key>=<value>
oc adm policy add-scc-to-user anyuid -z default -n <namespace>
oc adm policy add-role-to-user admin <username> -n <namespace>