ResourceAccessReview [authorization.openshift.io/v1]

来源 1 浏览 131 扫码打印 2023-05-22 21:50:50

ResourceAccessReview [authorization.openshift.io/v1]

ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec

Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).

Type

Required

verb
resourceAPIGroup
resourceAPIVersion
resourceName
path
isNonResourceURL

API endpoints

The following API endpoints are available:

HTTP method

POST

Description

create a ResourceAccessReview

About
- Welcome
API reference
- API list
- Editing kubelet log level verbosity and gathering logs
- Authorization APIs
  - TokenRequest [authentication.k8s.io/v1]
  - SelfSubjectRulesReview [authorization.openshift.io/v1]
  - SubjectAccessReview [authorization.k8s.io/v1]
  - About Authorization APIs
  - LocalResourceAccessReview [authorization.openshift.io/v1]
  - SubjectAccessReview [authorization.openshift.io/v1]
  - TokenReview [authentication.k8s.io/v1]
  - LocalSubjectAccessReview [authorization.openshift.io/v1]
  - SelfSubjectRulesReview [authorization.k8s.io/v1]
  - LocalSubjectAccessReview [authorization.k8s.io/v1]
  - ResourceAccessReview [authorization.openshift.io/v1]
  - SelfSubjectAccessReview [authorization.k8s.io/v1]
  - SubjectRulesReview [authorization.openshift.io/v1]
- Autoscale APIs
  - Scale [autoscaling/v1]
  - ClusterAutoscaler [autoscaling.openshift.io/v1]
  - MachineAutoscaler [autoscaling.openshift.io/v1beta1]
  - About Autoscale APIs
  - HorizontalPodAutoscaler [autoscaling/v2]
- Common object reference
  - Index
- Config APIs
  - Ingress [config.openshift.io/v1]
  - ClusterOperator [config.openshift.io/v1]
  - Project [config.openshift.io/v1]
  - Build [config.openshift.io/v1]
  - Node [config.openshift.io/v1]
  - ImageContentPolicy [config.openshift.io/v1]
  - OperatorHub [config.openshift.io/v1]
  - Console [config.openshift.io/v1]
  - FeatureGate [config.openshift.io/v1]
  - Proxy [config.openshift.io/v1]
  - ClusterVersion [config.openshift.io/v1]
  - About Config APIs
  - DNS [config.openshift.io/v1]
  - APIServer [config.openshift.io/v1]
  - ProjectHelmChartRepository [helm.openshift.io/v1beta1]
  - OAuth [config.openshift.io/v1]
  - Image [config.openshift.io/v1]
  - ImageTagMirrorSet [config.openshift.io/v1]
  - Scheduler [config.openshift.io/v1]
  - Network [config.openshift.io/v1]
  - Authentication [config.openshift.io/v1]
  - HelmChartRepository [helm.openshift.io/v1beta1]
  - ImageDigestMirrorSet [config.openshift.io/v1]
  - Infrastructure [config.openshift.io/v1]
- Console APIs
  - ConsolePlugin [console.openshift.io/v1]
  - ConsoleExternalLogLink [console.openshift.io/v1]
  - ConsoleNotification [console.openshift.io/v1]
  - ConsoleLink [console.openshift.io/v1]
  - ConsoleQuickStart [console.openshift.io/v1]
  - ConsoleCLIDownload [console.openshift.io/v1]
  - ConsoleYAMLSample [console.openshift.io/v1]
  - About Console APIs
- Extension APIs
  - ValidatingWebhookConfiguration [admissionregistration.k8s.io/v1]
  - About Extension APIs
  - CustomResourceDefinition [apiextensions.k8s.io/v1]
  - MutatingWebhookConfiguration [admissionregistration.k8s.io/v1]
  - APIService [apiregistration.k8s.io/v1]
- Image APIs
  - SecretList [image.openshift.io/v1]
  - ImageTag [image.openshift.io/v1]
  - ImageSignature [image.openshift.io/v1]
  - ImageStreamTag [image.openshift.io/v1]
  - About Image APIs
  - ImageStream [image.openshift.io/v1]
  - ImageStreamMapping [image.openshift.io/v1]
  - ImageStreamImport [image.openshift.io/v1]
  - ImageStreamLayers [image.openshift.io/v1]
  - ImageStreamImage [image.openshift.io/v1]
  - Image [image.openshift.io/v1]
- Machine APIs
  - ControlPlaneMachineSet [machine.openshift.io/v1]
  - MachineConfig [machineconfiguration.openshift.io/v1]
  - ControllerConfig [machineconfiguration.openshift.io/v1]
  - KubeletConfig [machineconfiguration.openshift.io/v1]
  - ContainerRuntimeConfig [machineconfiguration.openshift.io/v1]
  - MachineHealthCheck [machine.openshift.io/v1beta1]
  - MachineSet [machine.openshift.io/v1beta1]
  - MachineConfigPool [machineconfiguration.openshift.io/v1]
  - Machine [machine.openshift.io/v1beta1]
  - About Machine APIs
- Metadata APIs
  - Event [undefined/v1]
  - Lease [coordination.k8s.io/v1]
  - Event [events.k8s.io/v1]
  - About Metadata APIs
  - ControllerRevision [apps/v1]
  - ComponentStatus [undefined/v1]
  - ConfigMap [undefined/v1]
  - APIRequestCount [apiserver.openshift.io/v1]
  - Namespace [undefined/v1]
  - Binding [undefined/v1]
- Monitoring APIs
  - ThanosRuler [monitoring.coreos.com/v1]
  - ServiceMonitor [monitoring.coreos.com/v1]
  - PodMonitor [monitoring.coreos.com/v1]
  - Alertmanager [monitoring.coreos.com/v1]
  - PrometheusRule [monitoring.coreos.com/v1]
  - Probe [monitoring.coreos.com/v1]
  - AlertmanagerConfig [monitoring.coreos.com/v1beta1]
  - Prometheus [monitoring.coreos.com/v1]
  - About Monitoring APIs
- Network APIs
  - EgressQoS [k8s.ovn.org/v1]
  - CloudPrivateIPConfig [cloud.network.openshift.io/v1]
  - IPPool [whereabouts.cni.cncf.io/v1alpha1]
  - NetworkPolicy [networking.k8s.io/v1]
  - PodNetworkConnectivityCheck [controlplane.operator.openshift.io/v1alpha1]
  - EgressRouter [network.operator.openshift.io/v1]
  - About Network APIs
  - EgressFirewall [k8s.ovn.org/v1]
  - NetworkAttachmentDefinition [k8s.cni.cncf.io/v1]
  - OverlappingRangeIPReservation [whereabouts.cni.cncf.io/v1alpha1]
  - Ingress [networking.k8s.io/v1]
  - Service [undefined/v1]
  - Endpoints [undefined/v1]
  - Route [route.openshift.io/v1]
  - EgressIP [k8s.ovn.org/v1]
  - EndpointSlice [discovery.k8s.io/v1]
  - IngressClass [networking.k8s.io/v1]
- Node APIs
  - RuntimeClass [node.k8s.io/v1]
  - Tuned [tuned.openshift.io/v1]
  - Node [undefined/v1]
  - PerformanceProfile [performance.openshift.io/v2]
  - About Node APIs
  - Profile [tuned.openshift.io/v1]
- OAuth APIs
  - OAuthClient [oauth.openshift.io/v1]
  - OAuthClientAuthorization [oauth.openshift.io/v1]
  - OAuthAuthorizeToken [oauth.openshift.io/v1]
  - About OAuth APIs
  - OAuthAccessToken [oauth.openshift.io/v1]
  - UserOAuthAccessToken [oauth.openshift.io/v1]
- Operator APIs
  - KubeScheduler [operator.openshift.io/v1]
  - Config [imageregistry.operator.openshift.io/v1]
  - CSISnapshotController [operator.openshift.io/v1]
  - Network [operator.openshift.io/v1]
  - CloudCredential [operator.openshift.io/v1]
  - KubeControllerManager [operator.openshift.io/v1]
  - DNSRecord [ingress.operator.openshift.io/v1]
  - Config [operator.openshift.io/v1]
  - ImagePruner [imageregistry.operator.openshift.io/v1]
  - ImageContentSourcePolicy [operator.openshift.io/v1alpha1]
  - OpenShiftControllerManager [operator.openshift.io/v1]
  - ClusterCSIDriver [operator.openshift.io/v1]
  - Config [samples.operator.openshift.io/v1]
  - OperatorPKI [network.operator.openshift.io/v1]
  - KubeAPIServer [operator.openshift.io/v1]
  - OpenShiftAPIServer [operator.openshift.io/v1]
  - Storage [operator.openshift.io/v1]
  - Authentication [operator.openshift.io/v1]
  - ServiceCA [operator.openshift.io/v1]
  - InsightsOperator [operator.openshift.io/v1]
  - Etcd [operator.openshift.io/v1]
  - IngressController [operator.openshift.io/v1]
  - Console [operator.openshift.io/v1]
  - KubeStorageVersionMigrator [operator.openshift.io/v1]
  - About Operator APIs
  - DNS [operator.openshift.io/v1]
- OperatorHub APIs
  - CatalogSource [operators.coreos.com/v1alpha1]
  - InstallPlan [operators.coreos.com/v1alpha1]
  - Subscription [operators.coreos.com/v1alpha1]
  - PackageManifest [packages.operators.coreos.com/v1]
  - OperatorCondition [operators.coreos.com/v2]
  - OperatorGroup [operators.coreos.com/v1]
  - OLMConfig [operators.coreos.com/v1]
  - Operator [operators.coreos.com/v1]
  - ClusterServiceVersion [operators.coreos.com/v1alpha1]
  - About OperatorHub APIs
- Policy APIs
  - Eviction [policy/v1]
  - About Policy APIs
  - PodDisruptionBudget [policy/v1]
- Project APIs
  - About Project APIs
  - Project [project.openshift.io/v1]
  - ProjectRequest [project.openshift.io/v1]
- Provisioning APIs
  - Metal3Remediation [infrastructure.cluster.x-k8s.io/v1beta1]
  - HostFirmwareSettings [metal3.io/v1alpha1]
  - BMCEventSubscription [metal3.io/v1alpha1]
  - Metal3RemediationTemplate [infrastructure.cluster.x-k8s.io/v1beta1]
  - About Provisioning APIs
  - BareMetalHost [metal3.io/v1alpha1]
  - PreprovisioningImage [metal3.io/v1alpha1]
  - Provisioning [metal3.io/v1alpha1]
  - FirmwareSchema [metal3.io/v1alpha1]
  - HardwareData [metal3.io/v1alpha1]
- RBAC APIs
  - Role [rbac.authorization.k8s.io/v1]
  - ClusterRoleBinding [rbac.authorization.k8s.io/v1]
  - RoleBinding [rbac.authorization.k8s.io/v1]
  - ClusterRole [rbac.authorization.k8s.io/v1]
  - About RBAC APIs
- Role APIs
  - ClusterRole [authorization.openshift.io/v1]
  - ClusterRoleBinding [authorization.openshift.io/v1]
  - About Role APIs
  - RoleBindingRestriction [authorization.openshift.io/v1]
  - RoleBinding [authorization.openshift.io/v1]
  - Role [authorization.openshift.io/v1]
- Schedule and quota APIs
  - FlowSchema [flowcontrol.apiserver.k8s.io/v1beta1]
  - LimitRange [undefined/v1]
  - AppliedClusterResourceQuota [quota.openshift.io/v1]
  - PriorityClass [scheduling.k8s.io/v1]
  - ResourceQuota [undefined/v1]
  - PriorityLevelConfiguration [flowcontrol.apiserver.k8s.io/v1beta1]
  - ClusterResourceQuota [quota.openshift.io/v1]
  - About Schedule and quota APIs
- Security APIs
  - CertificateSigningRequest [certificates.k8s.io/v1]
  - PodSecurityPolicySelfSubjectReview [security.openshift.io/v1]
  - SecurityContextConstraints [security.openshift.io/v1]
  - CredentialsRequest [cloudcredential.openshift.io/v1]
  - About Security APIs
  - RangeAllocation [security.openshift.io/v1]
  - PodSecurityPolicyReview [security.openshift.io/v1]
  - Secret [undefined/v1]
  - ServiceAccount [undefined/v1]
  - PodSecurityPolicySubjectReview [security.openshift.io/v1]
- Storage APIs
  - CSIStorageCapacity [storage.k8s.io/v1]
  - VolumeSnapshotClass [snapshot.storage.k8s.io/v1]
  - StorageState [migration.k8s.io/v1alpha1]
  - StorageClass [storage.k8s.io/v1]
  - CSIDriver [storage.k8s.io/v1]
  - About Storage APIs
  - VolumeAttachment [storage.k8s.io/v1]
  - VolumeSnapshotContent [snapshot.storage.k8s.io/v1]
  - VolumeSnapshot [snapshot.storage.k8s.io/v1]
  - PersistentVolume [undefined/v1]
  - CSINode [storage.k8s.io/v1]
  - StorageVersionMigration [migration.k8s.io/v1alpha1]
  - PersistentVolumeClaim [undefined/v1]
- Template APIs
  - TemplateInstance [template.openshift.io/v1]
  - Template [template.openshift.io/v1]
  - PodTemplate [undefined/v1]
  - BrokerTemplateInstance [template.openshift.io/v1]
  - About Template APIs
- User and group APIs
  - About User and group APIs
  - User [user.openshift.io/v1]
  - Group [user.openshift.io/v1]
  - Identity [user.openshift.io/v1]
  - UserIdentityMapping [user.openshift.io/v1]
- Workloads APIs
  - StatefulSet [apps/v1]
  - DeploymentLog [apps.openshift.io/v1]
  - BuildRequest [build.openshift.io/v1]
  - Job [batch/v1]
  - Build [build.openshift.io/v1]
  - DeploymentConfigRollback [apps.openshift.io/v1]
  - DeploymentConfig [apps.openshift.io/v1]
  - About Workloads APIs
  - ReplicaSet [apps/v1]
  - ReplicationController [undefined/v1]
  - DeploymentRequest [apps.openshift.io/v1]
  - CronJob [batch/v1]
  - Deployment [apps/v1]
  - DaemonSet [apps/v1]
  - Pod [undefined/v1]
  - BuildLog [build.openshift.io/v1]
  - BuildConfig [build.openshift.io/v1]
- API compatibility guidelines
- Understanding API tiers
Architecture
- Architecture overview
- Fedora CoreOS
- Control plane architecture
- Understanding OKD development
- Installation and update
- Product architecture
Authentication and authorization
- Syncing LDAP groups
- Configuring OAuth clients
- Understanding and creating service accounts
- Using a service account as an OAuth client
- Authentication and authorization overview
- Using service accounts in applications
- Removing the kubeadmin user
- Configuring the internal OAuth server
- Using RBAC to define and apply permissions
- Managing user-owned OAuth access tokens
- Using bound service account tokens
- Understanding authentication
- Managing security context constraints
- Impersonating the system:admin user
- Managing cloud provider credentials
- Scoping tokens
- Understanding and managing pod security admission
- Understanding identity provider configuration
- Configuring identity providers
Backup and restore
- Overview of backup and restore operations
- Shutting down a cluster gracefully
- Application backup and restore
- Control plane backup and restore
- Restarting a cluster gracefully
Building applications
- Deleting applications
- Viewing application composition using the Topology view
- Editing applications
- Monitoring project and application metrics using the Developer perspective
- Pruning objects to reclaim resources
- Exporting applications
- Monitoring application health
- Building applications overview
- Creating applications
- Deployments
- Projects
- Quotas
  - Resource quotas across multiple projects
  - Resource quotas per project
- Working with Helm charts
- Idling applications
- Using config maps with applications
- Using the Red Hat Marketplace
- Connecting applications to services
CI/CD
- Builds
- CI/CD overview
CLI tools
- CLI tools overview
- OpenShift CLI (oc)
- Operator SDK
  - Operator SDK CLI reference
  - Installing the Operator SDK CLI
- opm CLI
  - Installing the opm CLI
  - opm CLI reference
- Knative CLI (kn) for use with OpenShift Serverless
- Developer CLI (odo)
Hosted control planes
- Managing hosted control planes
- Backup, restore, and disaster recovery for hosted control planes
- Hosted control planes overview
- Configuring hosted control planes
Images
- Using the Cluster Samples Operator with an alternate registry
- Creating images
- Image configuration resources
- Configuring the Cluster Samples Operator
- Using templates
- Managing image streams
- Triggering updates on image stream changes
- Using Ruby on Rails
- Using image streams with Kubernetes resources
- Overview of images
- Managing images
- Using images
Installing
- Installation overview
- Cluster capabilities
- Selecting an installation method and preparing a cluster
- Validating an installation
- Troubleshooting installation issues
- Disconnected installation mirroring
  - Mirroring images for a disconnected installation
  - About disconnected installation mirroring
  - Mirroring images for a disconnected installation using the oc-mirror plugin
  - Creating a mirror registry with mirror registry for Red Hat OpenShift
- Installation configuration
  - Configuring your firewall
  - Customizing nodes
- Installing on Alibaba
  - Installing a cluster on Alibaba Cloud into an existing VPC
  - Installing a cluster on Alibaba Cloud with network customizations
  - Uninstalling a cluster on Alibaba Cloud
  - Creating the required Alibaba Cloud resources
  - Installing a cluster on Alibaba Cloud with customizations
  - Preparing to install on Alibaba Cloud
  - Installing a cluster quickly on Alibaba Cloud
- Installing on any platform
  - Installing a cluster on any platform
- Installing on AWS
  - Installing a cluster on AWS with remote workers on AWS Outposts
  - Installing a cluster on AWS into an existing VPC
  - Installing a cluster on AWS in a restricted network
  - Installing a cluster on AWS using CloudFormation templates
  - Installing a cluster on AWS with customizations
  - Installing a cluster on AWS with network customizations
  - Installing a cluster on AWS into a China region
  - Installing a cluster quickly on AWS
  - Manually creating IAM
  - Installing a three-node cluster on AWS
  - Installing a cluster using AWS Local Zones
  - Expanding a cluster with on-premise bare metal nodes
  - Uninstalling a cluster on AWS
  - Installing a private cluster on AWS
  - Preparing to install on AWS
  - Configuring an AWS account
  - Installing a cluster on AWS into a government region
  - Installing a cluster on AWS in a restricted network with user-provisioned infrastructure
  - Installing a cluster on AWS into a Secret or Top Secret Region
- Installing on Azure
  - Installing a three-node cluster on Azure
  - Enabling user-managed encryption on Azure
  - Configuring an Azure account
  - Uninstalling a cluster on Azure
  - Preparing to install on Azure
  - Installing a cluster on Azure with customizations
  - Installing a cluster on Azure using ARM templates
  - Installing a cluster on Azure with network customizations
  - Installing a cluster on Azure into a government region
  - Installing a cluster on Azure into an existing VNet
  - Installing a private cluster on Azure
  - Manually creating IAM
  - Installing a cluster quickly on Azure
- Installing on Azure Stack Hub
  - Installing a cluster on Azure Stack Hub using ARM templates
  - Uninstalling a cluster on Azure Stack Hub
  - Installing a cluster on Azure Stack Hub with an installer-provisioned infrastructure
  - Installing a cluster on Azure Stack Hub with network customizations
  - Configuring an Azure Stack Hub account
  - Preparing to install on Azure Stack Hub
- Installing on bare metal
  - Installing a user-provisioned bare metal cluster with network customizations
  - Preparing to install on bare metal
  - Installing a user-provisioned bare metal cluster on a restricted network
  - Installing a user-provisioned cluster on bare metal
  - Scaling a user-provisioned installation with the bare metal operator
- Installing on GCP
  - Uninstalling a cluster on GCP
  - Manually creating IAM
  - Preparing to install on GCP
  - Installing a cluster on GCP with network customizations
  - Installing a cluster on GCP into a shared VPC
  - Installing a cluster on GCP into an existing VPC
  - Installing a cluster on GCP in a restricted network
  - Installing a cluster on GCP in a restricted network with user-provisioned infrastructure
  - Installing a private cluster on GCP
  - Installing a cluster into a shared VPC on GCP using Deployment Manager templates
  - Installing a cluster on GCP with customizations
  - Installing a cluster quickly on GCP
  - Installing a three-node cluster on GCP
  - Configuring a GCP project
  - Installing a cluster on GCP using Deployment Manager templates
- Installing on IBM Cloud VPC
  - Preparing to install on IBM Cloud VPC
  - Uninstalling a cluster on IBM Cloud VPC
  - Configuring an IBM Cloud account
  - Installing a private cluster on IBM Cloud VPC
  - Configuring IAM for IBM Cloud VPC
  - Installing a cluster on IBM Cloud VPC with network customizations
  - Installing a cluster on IBM Cloud VPC into an existing VPC
  - Installing a cluster on IBM Cloud VPC with customizations
- Installing on Nutanix
  - Uninstalling a cluster on Nutanix
  - Installing a cluster on Nutanix in a restricted network
  - Preparing to install on Nutanix
  - Installing a cluster on Nutanix
- Installing on OpenStack
  - Installing a cluster on OpenStack on your own infrastructure
  - Installing a cluster on OpenStack with customizations
  - Uninstalling a cluster on OpenStack from your own infrastructure
  - Installing a cluster on OpenStack with Kuryr on your own infrastructure
  - OpenStack Cloud Controller Manager reference guide
  - Installing a cluster on OpenStack with Kuryr
  - Preparing to install a cluster that uses SR-IOV or OVS-DPDK on OpenStack
  - Installing a cluster on OpenStack in a restricted network
  - Preparing to install on OpenStack
  - Uninstalling a cluster on OpenStack
- Installing on oVirt
  - Installing a cluster on oVirt with user-provisioned infrastructure
  - Uninstalling a cluster on oVirt
  - Installing a cluster on oVirt with customizations
  - Installing a cluster quickly on oVirt
  - Preparing to install on RHV
  - Installing a cluster on RHV in a restricted network
- Installing on VMC
  - Installing a cluster on VMC with user-provisioned infrastructure
  - Uninstalling a cluster on VMC
  - Installing a cluster on VMC with network customizations
  - Installing a cluster on VMC
  - Installing a cluster on VMC in a restricted network
  - Preparing to install on VMC
  - Installing a cluster on VMC in a restricted network with user-provisioned infrastructure
  - Installing a three-node cluster on VMC
  - Installing a cluster on VMC with customizations
  - Installing a cluster on VMC with user-provisioned infrastructure and network customizations
- Installing on vSphere
  - Installing a cluster on vSphere with user-provisioned infrastructure
  - Configuring the vSphere connection settings after an installation
  - Installing a cluster on vSphere in a restricted network
  - Uninstalling a cluster on vSphere that uses installer-provisioned infrastructure
  - Installing a cluster on vSphere with user-provisioned infrastructure and network customizations
  - Installing a cluster on vSphere in a restricted network with user-provisioned infrastructure
  - Using the vSphere Problem Detector Operator
  - Installing a cluster on vSphere with customizations
  - Installing a three-node cluster on vSphere
  - Installing a cluster on vSphere
  - Preparing to install on vSphere
  - Installing a cluster on vSphere with network customizations
- Installing bare metal clusters on IBM Cloud
  - Prerequisites
  - Installation workflow
- Deploying installer-provisioned clusters on bare metal
  - Post-installation configuration
  - Setting up the environment for an OpenShift installation
  - Expanding the cluster
  - Prerequisites
  - Overview
  - Troubleshooting
Logging
- Installing Logging
- Uninstalling Logging
- Viewing logs for a specific resource
- About Logging
- Logging with the LokiStack
- Viewing cluster logs in Kibana
- Updating Logging
- Exported fields
- Enabling JSON logging
- Collecting and storing Kubernetes events
- Release notes
- Forwarding logs to third party systems
- Viewing cluster dashboards
- Configuring your Logging deployment
- Logging 5.5
- Logging 5.6
- Logging 5.7
- Troubleshooting Logging
Machine management
- Managing user-provisioned infrastructure manually
- Applying autoscaling to a cluster
- Deleting a machine
- Creating infrastructure machine sets
- Overview of machine management
- Deploying machine health checks
- Modifying a compute machine set
- Managing machines with the Cluster API
- Manually scaling a compute machine set
- Managing compute machines with the Machine API
- Managing control plane machines
Migrating from version 3 to 4
- Upgrading MTC
- About MTC
- Migrating your applications
- Installing MTC in a restricted network environment
- Migrating from version 3 to 4 overview
- Troubleshooting
- Differences between OKD 3 and 4
- Premigration checklists
- Network considerations
- Advanced migration options
- Installing MTC
- About migrating from OKD 3 to 4
Migration Toolkit for Containers
- Network considerations
- Installing MTC in a restricted network environment
- Migrating your applications
- MTC release notes
- Premigration checklists
- About MTC
- Advanced migration options
- Troubleshooting
- Installing MTC
- Upgrading MTC
Monitoring
- Troubleshooting monitoring issues
- Accessing third-party monitoring APIs
- Querying metrics
- Enabling monitoring for user-defined projects
- Monitoring bare-metal events
- Managing alerts
- The NVIDIA GPU administration dashboard
- Configuring the monitoring stack
- Managing metrics targets
- Config map reference for the Cluster Monitoring Operator
- Enabling alert routing for user-defined projects
- Reviewing monitoring dashboards
- Managing metrics
- Monitoring overview
Networking
- Configuring IP failover
- Networking Operators overview
- Accessing hosts
- Developing PTP events consumer applications
- Configuring the node port service range
- Understanding networking
- Ingress sharding
- Verifying connectivity to an endpoint
- Associating secondary interfaces metrics to network attachments
- Configuring the cluster-wide proxy
- Configuring a custom PKI
- Using SCTP
- Changing the cluster network MTU
- Configuring the Ingress Controller endpoint publishing strategy
- Understanding the Ingress Node Firewall Operator
- Configuring the cluster network IP address range
- Using PTP hardware
- Configuring interface-level network sysctls
- Understanding the DNS Operator
- Configuring the Ingress Controller for manual DNS management
- Load balancing on OpenStack
- Understanding the Ingress Operator
- About networking
- Understanding the Cluster Network Operator
- AWS Load Balancer Operator
  - Installing the AWS Load Balancer Operator on Security Token Service cluster
  - Creating an instance of the AWS Load Balancer Controller
  - Installing the AWS Load Balancer Operator
  - Configuring cluster-wide proxy on the AWS Load Balancer Operator
  - Serving Multiple Ingresses through a single AWS Load Balancer
  - Adding TLS termination on the AWS Load Balancer
  - AWS Load Balancer Operator release notes
  - Understanding the AWS Load Balancer Operator
- Configuring ingress cluster traffic
  - Configuring ingress cluster traffic using a load balancer
  - Overview
  - Configuring ingress cluster traffic using load balancer allowed source ranges
  - Configuring ingress cluster traffic using an Ingress Controller
  - Configuring ingress cluster traffic using a NodePort
  - Configuring ingress cluster traffic on AWS
  - Configuring ingress cluster traffic using a service external IP
  - Configuring ExternalIPs for services
- Configuring Routes
  - Secured routes
  - Route configuration
- External DNS Operator
  - Creating DNS records on a public DNS zone for Infoblox
  - Creating DNS records on an public zone for Azure
  - External DNS Operator configuration parameters
  - Configuring the cluster-wide proxy on the External DNS Operator
  - Creating DNS records on an public hosted zone for AWS
  - Creating DNS records on an public managed zone for GCP
  - Understanding the External DNS Operator
  - Installing the External DNS Operator
- Hardware networks
  - Configuring hardware offloading
  - About Single Root I/O Virtualization (SR-IOV) hardware networks
  - Adding a pod to an SR-IOV network
  - Tuning sysctl settings on an SR-IOV network
  - Using pod-level bonding for secondary networks
  - Configuring an SR-IOV Ethernet network attachment
  - Uninstalling the SR-IOV Operator
  - Using DPDK and RDMA
  - Installing the SR-IOV Operator
  - Configuring an SR-IOV network device
  - Switching Bluefield-2 from NIC to DPU mode
  - Configuring an SR-IOV InfiniBand network attachment
  - Configuring the SR-IOV Operator
  - Using high performance multicast
- Kubernetes NMState
  - Updating node network configuration
  - Troubleshooting node network configuration
  - About the Kubernetes NMState Operator
  - Observing node network state
- Load balancing with MetalLB
  - Configuring MetalLB BFD profiles
  - Configuring MetalLB address pools
  - Upgrading the MetalLB Operator
  - MetalLB logging, troubleshooting, and support
  - Installing the MetalLB Operator
  - Advertising the IP address pools
  - Configuring MetalLB BGP peers
  - About MetalLB and the MetalLB Operator
  - Configuring services to use MetalLB
  - Advertising an IP address pool using the community alias
- Multiple networks
  - Removing an additional network
  - Understanding multiple networks
  - Attaching a pod to an additional network
  - Assigning a secondary network to a VRF
  - Configuring an additional network
  - Editing an additional network
  - Removing a pod from an additional network
  - Configuring multi-network policy
  - About virtual routing and forwarding
- Network Observability
  - Troubleshooting Network Observability
  - Understanding Network Observability Operator
  - Installing the Network Observability Operator
  - Monitoring the Network Observability Operator
  - API reference
  - JSON flows format reference
  - Observing the network traffic
  - Configuring the Network Observability Operator
  - Network Observability overview
  - Network Observability release notes
- Network policy
  - Editing a network policy
  - Viewing a network policy
  - Creating a network policy
  - Deleting a network policy
  - Configuring multitenant isolation with network policy
  - About network policy
  - Defining a default network policy for projects
- OpenShift SDN network plugin
  - Considerations for the use of an egress router pod
  - Configuring egress IPs for a project
  - Deploying an egress router pod in redirect mode
  - Configuring an egress firewall for a project
  - Enabling multicast for a project
  - Removing an egress firewall from a project
  - Deploying an egress router pod in HTTP proxy mode
  - Editing an egress firewall for a project
  - Deploying an egress router pod in DNS proxy mode
  - About the OpenShift SDN network plugin
  - Migrating to the OpenShift SDN network plugin
  - Configuring an egress router pod destination list from a config map
  - Viewing an egress firewall for a project
  - Rolling back to the OpenShift SDN network plugin
  - Disabling multicast for a project
  - Configuring kube-proxy
  - Configuring multitenant isolation
- OVN-Kubernetes network plugin
  - Tracking network flows
  - Configuring an egress IP address
  - OVN-Kubernetes architecture
  - Enabling multicast for a project
  - Configuring hybrid networking
  - Converting to IPv4/IPv6 dual stack networking
  - Migrating from Kuryr
  - OVN-Kubernetes troubleshooting
  - OVN-Kubernetes traffic tracing
  - Logging for egress firewall and network policy rules
  - Assigning an egress IP address
  - About the OVN-Kubernetes network plugin
  - Configuring IPsec encryption
  - Viewing an egress firewall for a project
  - Editing an egress firewall for a project
  - Removing an egress firewall from a project
  - Migrating from the OpenShift SDN network plugin
  - Deploying an egress router pod in redirect mode
  - Disabling multicast for a project
  - Configuring an egress firewall for a project
  - Considerations for the use of an egress router pod
  - Rolling back to the OpenShift SDN network plugin
Nodes
- Controlling pod placement onto nodes (scheduling)
- Overview of nodes
- Using Jobs and DaemonSets
  - Running tasks in pods using jobs
  - Running background tasks on nodes automatically with daemonsets
- Working with clusters
- Working with containers
- Working with nodes
- Working with pods
Operators
- Operators overview
- Cluster Operators reference
- Administrator tasks
- Developing Operators
- Understanding Operators
- User tasks
  - Creating applications from installed Operators
  - Installing Operators in your namespace
Post-installation configuration
- Preparing for users
- Configuring alert notifications
- Network configuration
- Machine configuration tasks
- Storage configuration
- Configuring additional devices in an IBM zSystems or IBM LinuxONE environment
- Fedora CoreOS (FCOS) image layering
- Regions and zones for a VMware vCenter
- Cluster tasks
- Enabling encryption on a vSphere cluster
- Configuring a private cluster
- Bare metal configuration
- Node tasks
- Configuring multi-architecture compute machines on an OpenShift cluster
- Converting a connected cluster to a disconnected cluster
- Enabling cluster capabilities
Registry
- Exposing the registry
- Image Registry Operator in OKD
- Registry overview
- Accessing the registry
- Setting up and configuring the registry
Scalability and performance
- Using CPU Manager and Topology Manager
- Improving cluster stability in high latency environments using worker latency profiles
- Planning your environment according to object maximums
- Low latency tuning
- Workload partitioning
- Requesting CRI-O and Kubelet profiling data by using the Node Observability Operator
- Performing latency tests for platform verification
- Topology Aware Lifecycle Manager for cluster updates
- Creating a performance profile
- Using the Node Tuning Operator
- Managing bare metal hosts
- Scheduling NUMA-aware workloads
- What huge pages do and how they are consumed by apps
- Recommended performance and scalability practices
- Clusters at the network far edge
- Scalability and performance optimization
Security and compliance
- Allowing JavaScript-based access to the API server from additional hosts
- Security and compliance overview
- Configuring the audit log policy
- Configuring TLS security profiles
- Viewing audit logs
- Scanning pods for vulnerabilities
- Configuring seccomp profiles
- Network-Bound Disk Encryption (NBDE)
- Encrypting etcd data
- Compliance Operator
- Configuring certificates
- Container security
- File Integrity Operator
- Security Profiles Operator
- Certificate types and descriptions
Specialized hardware and driver enablement
- Node Feature Discovery Operator
- Kernel Module Management Operator
- Driver Toolkit
- About specialized hardware and driver enablement
Storage
- Storage overview
- Dynamic provisioning
- Understanding ephemeral storage
- Understanding persistent storage
- Expanding persistent volumes
- Generic ephemeral volumes
- Configuring persistent storage
- Using Container Storage Interface (CSI)
Support
- Getting support
- Gathering data about your cluster
- Support overview
- Managing your cluster resources
- Summarizing cluster specifications
- Remote health monitoring with connected clusters
- Troubleshooting
Updating clusters
- Migrating to a cluster with multi-architecture compute machines
- Preflight validation for Kernel Module Management (KMM) Modules
- Updating a cluster using the web console
- Updating hardware on nodes running on vSphere
- Updating clusters overview
- Preparing to update a cluster with manually maintained credentials
- Understanding OpenShift update duration
- Updating a cluster using the CLI
- Preparing to update to OKD 4.13
- Performing update using canary rollout strategy
- Updating hosted control planes
- Updating a cluster in a disconnected environment
Virtualization
- Using the CLI tools
- About OKD Virtualization
- Updating OKD Virtualization
- Getting started with OKD Virtualization
- Security policies
- Backup and restore
- Installing
- Live migration
- Node maintenance
- Support
- Virtual machines
- Virtual machine templates
Web console
- Web console overview
- Adding user preferences
- Accessing the web console
- Creating quick start tutorials
- Disabling the web console
- Customizing the web console
- Configuring the web console
- Viewing cluster information
- Dynamic plugins
What’s new?
- New features and enhancements
- Deprecated features
Windows Container Support for OpenShift
- Understanding Windows container workloads
- Windows node upgrades
- Scheduling Windows container workloads
- Red Hat OpenShift support for Windows Containers release notes
- Using Bring-Your-Own-Host Windows instances as nodes
- Removing Windows nodes
- Enabling Windows container workloads
- Disabling Windows container workloads
- Red Hat OpenShift support for Windows Containers overview
- Creating Windows MachineSet objects

暂无相关搜索结果！

本文档使用全库网构建