In this blog, i will explain how to enable OpenShift web console.
First, you should know that the default behavior of a freshly installed OpenShift Container Platform instance is to deny any user from logging in, so as a first step, we need to change the authentication method to HTPasswd:
- Open the /etc/origin/master/master-config.yaml file in edit mode.
- Find the identityProviders section.
- Change DenyAllPasswordIdentityProvider to HTPasswdPasswordIdentityProvider provider
- Change the value of the name label to htpasswd_auth and add a new line file as /etc/origin/openshift-passwd in the provider section.
- An example identityProviders section with HTPasswdPasswordIdentityProvider would look like the following.
... identityProviders: - challenge: true login: true name: htpasswd_auth provider provider: apiVersion: v1 kind: HTPasswdPasswordIdentityProvider file: /etc/origin/openshift-passwd
Save the file.
Now that you are using the HTPasswdPasswordIdentityProvider provider, next steps is to create user account.
- You can use the httpd-tools package to obtain the htpasswd binary that can generate these accounts
yum -y install httpd-tools
- Create a user account.
touch /etc/origin/openshift-passwd htpasswd -b /etc/origin/openshift-passwd admin admin
You have created a user, admin, with the password, admin.
- Restart OpenShift before going forward using systemctl restart atomic-openshift-master-api atomic-openshift-master-controllers
- Give this user account cluster-admin privileges, which allows it to do everything. oadm policy add-cluster-role-to-user cluster-admin admin
- You can use this username/password combination to log in via the web console or the command line. To test this, run the following command “oc login -u system:admin -n default” or login to your browser with username and password (admin/admin): https://<web console ip address>:8443/console
Congratulations, now you have successfully enabled OpenShift Enterprise Web Console 🙂