Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to create a new user in OpenShift?

Tags:

openshift-enterprise

I am trying to find out how to create a new user in OpenShift enterprise.

According to the documentation (on https://docs.openshift.com/enterprise/3.0/architecture/core_concepts/projects_and_users.html):

Regular users are created automatically in the system upon first login...

This sounds illogical. How does a user login if they dont have a username and password?

Can someone please clarify this - I'm sure there must be some command for creating a new user, but it is not clear.

Thanks

like image 922
Magick Avatar asked Mar 23 '16 16:03

Magick

People also ask

How do I give access to OpenShift?

To add another user with edit role to the project, so they can create and delete applications, you need to use the oc adm policy command. You must be in the project when you run this command. Replace <collaborator> with the name of the user as displayed by the oc whoami command when run by that user.

2 Answers

The OpenShift master-config (/etc/openshift/master/master-config.yaml) describes the configuration about authentication. By default the master-config shows something like this for the authentication-part:

 identityProviders:
  - challenge: true
    login: true
    name: anypassword
    provider:
      apiVersion: v1
      kind: AllowAllPasswordIdentityProvider

This means that every user with every password can authenticate. By performing oc get users as system:admin you'll see all the users. This configuration is not recommended. You're able to configure another form of authentication (htpasswd, ldap, github, ...).

I'm using htpasswd. So than you have to create a file (with htpasswd) which will contain your username + encrypted password. After that you'll need to edit your master-config.yaml. You have to tell it to use HTPasswdPasswordIdentityProvider and link to your file.

You can find those steps here. Don't forget to restart your OpenShift master after performing those steps: sudo service openshift-master restart (origin-master for origin).

After creating users you can assign roles to users Log in with the default admin (system:admin) and assign roles.

like image 141
lvthillo Avatar answered Oct 05 '22 12:10

lvthillo

I am creating a script for simply adding a user if OpenShift using HTPasswdPasswordIdentityProvider

wget https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64
mv jq-linux64 jq && chmod 755 jq

FILE=$(cat /etc/origin/master/master-config.yaml | python -c 'import sys, yaml, json; y=yaml.load(sys.stdin.read()); print json.dumps(y,indent=4, sort_keys=True)' | ./jq '.oauthConfig.identityProviders[0].provider.file')
FILE=$(sed -e 's/^"//' -e 's/"$//' <<<"$FILE")

htpasswd $FILE user1
like image 41
ejlp12 Avatar answered Oct 05 '22 12:10

ejlp12
Sign in to Comment

Related questions

How to allow image pull from one project to another in openshift?
OC command to remove multiple old tag(s) from an Image Stream?
Purpose of adding Openshift intrastructure nodes
rhc ssh [No system SSH available] error

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!