In this blog, i will explain how to enable OpenShift web console.

First, you should know that the default behavior of a freshly installed OpenShift Container Platform instance is to deny any user from logging in, so as a first step, we need to change the authentication method to HTPasswd:

  1. Open the /etc/origin/master/master-config.yaml file in edit mode.
  2. Find the identityProviders section.
  3. Change DenyAllPasswordIdentityProvider to HTPasswdPasswordIdentityProvider provider
  4. Change the value of the name label to htpasswd_auth and add a new line file as /etc/origin/openshift-passwd in the provider section.
  5. An example identityProviders section with HTPasswdPasswordIdentityProvider would look like the following.
...
identityProviders:
- challenge: true
login: true
name: htpasswd_auth provider
provider:
apiVersion: v1
kind: HTPasswdPasswordIdentityProvider
file: /etc/origin/openshift-passwd

Save the file.

Now that you are using the HTPasswdPasswordIdentityProvider provider, next steps is to create user account.

  1. You can use the httpd-tools package to obtain the htpasswd binary that can generate these accounts yum -y install httpd-tools
  2. Create a user account.
touch /etc/origin/openshift-passwd
htpasswd -b /etc/origin/openshift-passwd admin admin

You have created a user, admin, with the password, admin.

  1. Restart OpenShift before going forward using systemctl restart atomic-openshift-master-api atomic-openshift-master-controllers
  2. Give this user account cluster-admin privileges, which allows it to do everything. oadm policy add-cluster-role-to-user cluster-admin admin
  3. You can use this username/password combination to log in via the web console or the command line. To test this, run the following command “oc login -u system:admin -n default” or login to your browser with username and password (admin/admin): https://<web console ip address>:8443/console

Congratulations, now you have successfully enabled OpenShift Enterprise Web Console 🙂