1.Create users armstrong, jobs, wozniak, jack & eric with the password password1, password2,password3, password4 and password5 (password of each user might be different) respectivelyvia htpasswd identity provider. Name of the secret to store these values should beex280-htpasswd (secret name) identity, provider name should be ex280-cluster.----------------------------------------question 1 ends here----------------------------------------------------------------------------------------------------------data extraction starts here--------------------------------------------------------Question data extraction:Given:a) Create user armstrong with the password password1. #instead of password1 it can be#anythingb) Create user jobs with the password password2.c) Create user wozniak with the password password3.d) Create user jack with the password password4.e) Create user eric with the password password5.f)Create file htpasswd which contains the secrets of the users.g) Identity provider should be ex280-cluster.-----------------------------------------data extraction ends here--------------------------------------------------------Solution–Steps to solve:>ssh [email protected]// password will be given in the instruction>yum install httpd-tools -y>oc login -u < given cluster admin username> -p < given password>>httpasswd-c -B -b ex280-htpasswd < given user> < respective password > // useoption//c one time//only for//creating//secret file> oc create secret generic ex280-cluster–from-file=htpasswd=ex280-htpasswd -nopenshift-config> oc edit oauth----------------------------------------oauth opens here--------------------------------------------------------------Note search for /spec and put the below details like that.---spec:IdentityProviders:- htpasswd:fileData:name: ex280-htpasswdmappingMethod: claimname: ex280-cluster// identity provider name given in questiontype: HTPasswd
-------------------------------------oauth close and saved here--------------------------------------------------------------> save the oauth config> oc get users // to get that users are created or not.reference: note some data in picture might be incorrect < like names and all but take refrence fromabove command >
End of 1stquestion2) Create 5 new-projects with names like ( example: project1, project2, project3, project4, project5 )and assign the roles to the respective user create as: armstrong is admin of project1, jack & eric hasview permission on project2, wozniak has edit power on project1---------------------------------------------question 2 ends here ----------------------------------------------------------------------------------------------------data extraction starts here--------------------------------------------------------Question data extraction:Given:a) Create 5 new projects as project1, project2, project3, project4, project5.a) user armstrong is admin of the project1.b) user jack and eric have view permissions on project2.c) user wozniak has power to edit in project1.------------------------------------------data extraction ends here--------------------------------------------------------
Sol:> oc new-project < project name >> oc policy add-role-to-user < role > < user > -n < project name >Note: replace < role > with admin, edit, view as asked in question for respective user.Refrence images:
3) Assign cluster permission to the users as: Jobs ( cluster admin user ) would be the cluster admin,wozniak would not be allowed cluster admin powers, No user would be able to provision projects,Jack ( provisioner user ) would be allowed to provision projects. kubeadmin user should be deleted.
Upload your study docs or become a
Course Hero member to access this document
Upload your study docs or become a
Course Hero member to access this document
End of preview. Want to read all 30 pages?
Upload your study docs or become a
Course Hero member to access this document
Term
Spring
Professor
EpanKerTuw
Tags
