Return to OpenShift CLI Glossary, OpenShift Docker Glossary, Podman Glossary, Containerization Glossary, Kubernetes Glossary, Rancher Glossary
Provide a list of Red Hat OpenShift CLI (oc) commands sorted by the most commonly used. For each concept include a brief description, the related URLs for the OpenShift documentation. Answer using MediaWiki format.
Here's a glossary of the top 75 Red Hat OpenShift concepts sorted by the most commonly used, along with brief descriptions and related URLs for the OpenShift documentation:
1. OpenShift Cluster: A cluster is a set of physical or virtual machines and other resources that acts as the foundation for running containerized applications in OpenShift.
2. OpenShift Node: A node is a worker machine in the OpenShift cluster that runs containerized applications.
3. OpenShift Pod: A pod is the smallest deployable unit in OpenShift, consisting of one or more containers that share resources and network.
4. OpenShift Deployment: A deployment is a Kubernetes resource used in OpenShift to manage the deployment of applications, ensuring desired replica counts and rolling updates.
5. OpenShift Service: A service in OpenShift is an abstraction that defines a logical set of pods and a policy by which to access them.
6. OpenShift Route: A route in OpenShift exposes services to external traffic by creating a public-facing URL that maps to a service within the cluster.
7. OpenShift Namespace: Namespaces in OpenShift provide a way to divide cluster resources between multiple users or projects.
8. OpenShift Persistent Volume: Persistent volumes in OpenShift are storage volumes that exist beyond the lifecycle of a pod, allowing data to persist between pod restarts.
9. OpenShift Persistent Volume Claim: A persistent volume claim in OpenShift is a request for storage by a user or application.
10. OpenShift Secret: Secrets in OpenShift allow you to store and manage sensitive information, such as passwords, API keys, and tokens.
11. OpenShift ConfigMap: ConfigMaps in OpenShift allow you to decouple configuration artifacts from containerized applications to keep them portable.
12. OpenShift Service Account: Service accounts in OpenShift provide an identity for processes that run in a pod.
13. OpenShift Role-Based Access Control (RBAC): RBAC in OpenShift is a method of regulating access to resources based on the roles of individual users within a project or cluster.
14. OpenShift Image: An image in OpenShift is a pre-built package that contains the code, runtime, libraries, and dependencies required to run an application.
15. OpenShift Build: A build in OpenShift is a process that transforms source code into a runnable image that can be deployed to the cluster.
16. OpenShift Operator: An operator in OpenShift is a method of packaging, deploying, and managing a Kubernetes application. It extends the Kubernetes API to automate tasks related to the application's lifecycle.
17. OpenShift Route: In OpenShift, a route is an object that exposes a service at a specific DNS name and allows external traffic to reach the service.
18. OpenShift Template: A template in OpenShift is a reusable blueprint for creating objects such as pods, services, and routes.
19. OpenShift ImageStream: An ImageStream in OpenShift is an object that allows you to manage and track versions of container images.
20. OpenShift DaemonSet: A DaemonSet ensures that all (or some) nodes run a copy of a pod.
21. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
22. OpenShift Horizontal Pod Autoscaler (HPA): HPA automatically adjusts the number of replica pods in a deployment based on observed CPU [utilization.
23. OpenShift Volume: Volumes in OpenShift are directories accessible to containers in a pod.
24. OpenShift Route: In OpenShift, a route is an object that exposes a service at a specific DNS name and allows external traffic to reach the service.
25. OpenShift NetworkPolicy: NetworkPolicy in OpenShift allows you to control the traffic flow between pods and services.
26. OpenShift Horizontal Pod Autoscaler (HPA): HPA automatically adjusts the number of replica pods in a deployment based on observed CPU [utilization.
27. OpenShift Service Mesh: A service mesh in OpenShift is a dedicated infrastructure layer for handling service-to-service communication.
28. OpenShift CronJob: A CronJob in OpenShift is a job that runs on a periodic schedule, similar to the Unix cron utility.
29. OpenShift Re[[source Quota]]: Resource quotas in OpenShift limit the amount of CPU, memory, and storage that can be used in a project.
30. OpenShift Pod Security Policy: Pod security policies in OpenShift control the security context under which a pod runs.
31. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
32. OpenShift Route: In OpenShift, a route is an object that exposes a service at a specific DNS name and allows external traffic to reach the service.
33. OpenShift NetworkPolicy: NetworkPolicy in OpenShift allows you to control the traffic flow between pods and services.
34. OpenShift Horizontal Pod Autoscaler (HPA): HPA automatically adjusts the number of replica pods in a deployment based on
[[observed]] [[CPU [utilization]].
35. OpenShift Service Mesh: A service mesh in OpenShift is a dedicated infrastructure layer for handling service-to-service communication.
36. OpenShift CronJob: A CronJob in OpenShift is a job that runs on a periodic schedule, similar to the Unix cron utility.
37. OpenShift Re[[source Quota]]: Resource quotas in OpenShift limit the amount of CPU, memory, and storage that can be used in a project.
38. OpenShift Pod Security Policy: Pod security policies in OpenShift control the security context under which a pod runs.
39. OpenShift Service Account: A service account in OpenShift provides an identity for processes that run in a pod.
40. OpenShift Image: An image in OpenShift is a pre-built package that contains the code, runtime, libraries, and dependencies required to run an application.
41. OpenShift Build: A build in OpenShift is a process that transforms source code into a runnable image that can be deployed to the cluster.
42. OpenShift Operator: An operator in OpenShift is a method of packaging, deploying, and managing a Kubernetes application. It extends the Kubernetes API to automate tasks related to the application's lifecycle.
43. OpenShift Route: In OpenShift, a route is an object that exposes a service at a specific DNS name and allows external traffic to reach the service.
44. OpenShift Template: A template in OpenShift is a reusable blueprint for creating objects such as pods, services, and routes.
45. OpenShift ImageStream: An ImageStream in OpenShift is an object that allows you to manage and track versions of container images.
46. OpenShift DaemonSet: A DaemonSet ensures that all (or some) nodes run a copy of a pod.
47. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
48. OpenShift Horizontal Pod Autoscaler (HPA): HPA automatically adjusts the number of replica pods in a deployment based on observed CPU [utilization.
49. OpenShift Volume: Volumes in OpenShift are directories accessible to containers in a pod.
50. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
51. OpenShift Deployment: A deployment is a Kubernetes resource used in OpenShift to manage the deployment of applications, ensuring desired replica counts and rolling updates.
52. OpenShift Service: A service in OpenShift is an abstraction that defines a logical set of pods and a policy by which to access them.
53. OpenShift Route: A route in OpenShift exposes services to external traffic by creating a public-facing URL that maps to a service within the cluster.
54. OpenShift Namespace: Namespaces in OpenShift provide a way to divide cluster resources between multiple users or projects.
55. OpenShift Persistent Volume: Persistent volumes in OpenShift are storage volumes that exist beyond the lifecycle of a pod, allowing data to persist between pod restarts.
56. OpenShift Persistent Volume Claim: A persistent volume claim in OpenShift is a request for storage by a user or application.
57. OpenShift Secret: Secrets in OpenShift allow you to store and manage sensitive information, such as passwords, API keys, and tokens.
58. OpenShift ConfigMap: ConfigMaps in OpenShift allow you to decouple configuration artifacts from containerized applications to keep them portable.
59. OpenShift Service Account: Service accounts in OpenShift provide an identity for processes that run in a pod.
60. OpenShift Role-Based Access Control (RBAC): RBAC in OpenShift is a method of regulating access to resources based on the roles of individual users within a project or cluster.
61. OpenShift Image: An image in OpenShift is a pre-built package that contains the code, runtime, libraries, and dependencies required to run an application.
62. OpenShift Build: A build in OpenShift is a process that transforms source code into a runnable image that can be deployed to the cluster.
63. OpenShift Operator: An operator in OpenShift is a method of packaging, deploying, and managing a Kubernetes application. It extends the Kubernetes API to automate tasks related to the application's lifecycle.
64. OpenShift Route: In OpenShift, a route is an object that exposes a service at a specific DNS name and allows external traffic to reach the service.
65. OpenShift Template: A template in OpenShift is a reusable blueprint for creating objects such as pods, services, and routes.
66. OpenShift ImageStream: An ImageStream in OpenShift is an object that allows you to manage and track versions of container images.
67. OpenShift DaemonSet: A DaemonSet ensures that all (or some) nodes run a copy of a pod.
68. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
69. OpenShift Horizontal Pod Autoscaler (HPA): HPA automatically adjusts the number of replica pods in a deployment based on observed CPU [utilization.
70. OpenShift Volume: Volumes in OpenShift are directories accessible to containers in a pod.
71. OpenShift StatefulSet: A StatefulSet in OpenShift is a workload API object used to manage stateful applications.
72. OpenShift Deployment: A deployment is a Kubernetes resource used in OpenShift to manage the deployment of applications, ensuring desired replica counts and rolling updates.
73. OpenShift Service: A service in OpenShift is an abstraction that defines a logical set of pods and a policy by which to access them.
74. OpenShift Route: A route in OpenShift exposes services to external traffic by creating a public-facing URL that maps to a service within the cluster.
75. OpenShift Namespace: Namespaces in OpenShift provide a way to divide cluster resources between multiple users or projects.
These are the top 75 Red Hat OpenShift concepts commonly used, each with a brief description and related URLs for OpenShift documentation.
A hitchhiker’s guide to OpenShift
As you are working with Red Hat OpenShift on IBM Cloud, just remember: Don't panic!
By Anton McConville, Yan Koyfman, Olaph Wagoner
Published November 8, 2019
This document provides a glossary, links, and guides to topics about OpenShift. It is a guide for developers, created by developers who are working with Red Hat OpenShift on IBM Cloud.
OpenShift is described as “The developer and operations friendly Kubernetes distro.” It runs on top of Kubernetes (previous versions of OpenShift handled container orchestration using a different mechanism). OpenShift provides tools that help developers and operations teams run containerized workloads. Under the covers, OpenShift is powered by Origin Kubernetes Distribution (OKD), which includes Kubernetes and other open source projects like Docker and Istio.
The following sections are organized in alphabetical order. In honor of Douglas Adams, author of the Hitchhiker’s Guide to the Galaxy series, we advise you: “Don’t Panic!”
A hitchhiker's guide to OpenShift
Application “Application” is becoming something of an overloaded term as OpenShift evolves. Although previously a concrete concept, it no longer represents a single underlying object in the OpenShift world. However, “application” lives on in the console and command line as a kind of convenient grouping of certain features of a workload. The oc new-app CLI creates multiple components, such as a Deployment and ImageStream, from an existing image or source code location, and a service and route configuration if a port is specified.
CI/CD with Jenkins or Tekton You have a few options when implementing continuous integration and continuous delivery (CI/CD). A widely used application for setting up continuous delivery, Jenkins is provided as a certified container in OpenShift. You can use it to build packages, run unit and integration tests, and deploy images.
Another up-and-coming open source tool for building pipelines, Tekton provides a cloud-native way to perform many of the same operations.
Command-line tools buildah: buildah is a tool for building CRI-O-based images, much like Podman. buildah is comprised essentially of a superset of the build commands available through Podman, allowing for finer control in creating images.
kubectl: kubectl is the standard command-line tool for controlling Kubernetes clusters. Because OpenShift 3.x and more recent versions are based on Kubernetes, kubectl is available to use on every OpenShift cluster.
oc: oc is the OpenShift Client CLI that you can use to manipulate OpenShift native constructs as first-class objects (including projects, applications, routes, and ImageStreams). Because OpenShift adds these elements on top of Kubernetes, oc is required to interface with OpenShift-specific features.
odo: odo is “OpenShift do” – a command-line tool to simplify common operations. It is targeted at developers (as opposed to operations) to allow them to rapidly deploy and iterate on code.
s2i: s2i is a command-line tool to combine a builder image from a source GitHub source code repo. The output is a runnable Docker image. The builder image is like a template with baked-in scripts to take source code and compile it into a runnable application.
Image streams Image streams are an abstraction to allow OpenShift to deploy applications from a public image registry, while dynamically deploying new image versions as they make their way into the registry. You can configure builds and deployments to watch image streams and automatically update themselves when new image versions are available.
Internal image registry Another thing that sets OpenShift apart is its built-in image registry. Why would you want to use an internal registry? It gives you another option instead of deploying images to Docker hub or another online registry. An internal OpenShift registry allows multiple projects within the cluster to access the registry, with fine-grained security though role-based access control (RBAC). Be aware that if an OpenShift cluster is deleted, any images stored in its internal registry are deleted as well.
Kubernetes Kubernetes is an open-source, container-orchestration system for automating application deployment, scaling, and management. It was originally designed by Google, and is now maintained by the Cloud Native Computing Foundation.
Minishift Much like Minikube lets you set up a Kubernetes cluster on your local machine for testing, Minishift allows you to run a development instance of OpenShift. It runs a single-node cluster inside a virtual machine, using libmachine for provisioning and OKD for the cluster itself.
OKD OpenShift is powered by Origin Kubernetes Distribution (OKD), which includes Kubernetes and other open source projects like Docker and Istio.
OpenShift developer console Another feature that sets OpenShift apart from base Kubernetes is its developer console, with rich capabilities. The OpenShift web console provides a central point of control for your OpenShift environment. The web console is made up of the following main views:
Cluster console: The OpenShift web console includes a friendlier view for admin operations. It includes a global view of the OpenShift cluster as a whole, including details of the underlying hardware. You can view metrics on cluster use with built-in Grafana or Promethues dashboards, and you can manage routes and ingresses.
Application console: On the application console, you can create and delete applications and deployments, and you can manage deployments. View logs of all deployed pods in a project on one screen, and see a history of builds.
Service catalog: On the service catalog, you can deploy databases and middleware applications directly from the console. The services in the console are pre-certified to work with OpenShift. You can create pods from base images for many languages and source code in GitHub repositories. Also, you can create Jenkins pipelines.
Operators Operators act a lot like packages: they are a way to install a specific piece of software. In OpenShift, however, operators take software deployment a bit further by constantly checking the state of that software (like version number) and correcting any discrepancies from the desired configuration.
Podman Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux system. You can run Containers either as root or in rootless mode. Simply put:
alias docker=podman.
Projects Projects in OpenShift are similar to the concept of namespaces in Kubernetes, but they existed before namespaces acquired many of their current features. Logically, projects enable multi-tenancy in an OpenShift cluster, allowing multiple teams to safely run isolated workloads in a single cluster, avoiding the extra overhead and costs of provisioning more OpenShift instances than necessary. Cluster administrators can give users permission to create projects and then control access on a per-project basis. In addition, templates can be created with a pre-defined set of objects to use as the basis for new projects.
Routes Routes are the method by which you make your application, or more specifically a particular service (available to the outside world through a URL). The host name is specified by an administrator (that’s you, maybe!) when the cluster is provisioned.
Security Because OpenShift is intended to be the Kubernetes platform adopted by mature, security conscious enterprises migrating to the cloud, it includes several features meant to ensure the safety of running multi-tenant containerized workloads. Additional layers of security – defense in depth – can stop exploits that are in the realm of the “unknown unknowns”, for example: https://blog.openshift.com/openshift-protects-against-nasty-container-exploit/.
By default, containers do not run as root. Instead, they are assigned a dynamically allocated user ID. Security context constraints control what users’ pods can run in, and what resources they can access. SELinux is enabled by default when OpenShift is installed. Source-to-Image (S2I) OpenShift Source-to-Image (S2I) is a tool for building reproducible Docker images. It produces ready-to-run images by injecting application source into a Docker image and assembling a new Docker image. The new image incorporates the base image (the builder) and the built source. It is ready to use with the docker run command. S2I supports incremental builds, which re-use previously downloaded dependencies and previously built artifacts.
Templates OpenShift templates are best known as the way in which the OpenShift web console is populated with quick-start applications and other content. However, they are also a very powerful tool that, used thoughtfully, can be the building block of an infrastructure as code solution for managing many aspects of cluster and application state.
We hope this guide helps you on your journey with OpenShift. For tutorials, videos, and code patterns to work with, see the Red Hat OpenShift on IBM Cloud page.