You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: admin_guide/master_node_configuration.adoc
+53-49Lines changed: 53 additions & 49 deletions
Original file line number
Diff line number
Diff line change
@@ -17,16 +17,16 @@ The config files are fully specifying with no defaulting. This means that any e
17
17
== Create the starting config files
18
18
The `openshift start` command accepts flags that indicate that it should simply write the config file that it would have used and terminate. This is useful for getting a starting point for the config. You can do this by running
Once you have modified the config files to your liking, you can make use of them by specifying them as an argument. Keep in mind that if you specify a config file, *none of the other flags you pass in will be respected*. You can run them like:
Copy file name to clipboardExpand all lines: cli_reference/setup_multiple_cli_profiles.adoc
+6-10Lines changed: 6 additions & 10 deletions
Original file line number
Diff line number
Diff line change
@@ -108,18 +108,14 @@ users:
108
108
auth-path: path/to/my/existing/auth-file
109
109
```
110
110
== Loading and merging rules
111
-
The rules for loading and merging .kubeconfig files are straightforward but numerous. The final config is built in the following order:
112
-
113
-
. Merge together the .kubeconfig file. This is done with the following hierarchy and merge rules:
114
-
* Empty filenames are ignored; files with non-deserializable content produce errors.
115
-
* The first file to set a particular value or map key wins and the value or map key is never changed. As a result, the first file to set [parameter]#CurrentContext# will have its context preserved. Also, if two files specify a "red-user", only values from the first file's red-user are used. Even non-conflicting entries from the second file's "red-user" are discarded.
116
-
** CommandLineLocation: the value of the `kubeconfig` command line option.
117
-
** EnvVarLocation: the value of $KUBECONFIG
118
-
** CurrentDirectoryLocation: ``pwd``/.kubeconfig
119
-
** HomeDirectoryLocation: ~/.kube/.kubeconfig
111
+
The loading order follows these rules:
112
+
1. If the --config flag is set, then only that file is loaded. The flag may only be set once and no merging takes place.
113
+
2. If $OPENSHIFTCONFIG environment variable is set, then it is used a list of paths (normal path delimitting rules for your system). These paths are merged together. When a value is modified, it is modified in the file that defines the stanza. When a value is created, it is created in the first file that exists. If no files in the chain exist, then it creates the last file in the list.
114
+
3. Otherwise, ${HOME}/.config/openshift/config is used and no merging takes place.
115
+
120
116
. Determine the context to use based on the first hit in this chain:
121
117
** Command line argument - the value of the `context` command line option.
122
-
** Current-context from the merged kubeconfig file.
118
+
** Current-context from the kubeconfig file.
123
119
** Empty is allowed at this stage.
124
120
. Determine the user and cluster information to use. At this point, you may or may not have a context; they are built based on the first hit in this chain. Hint: Run it twice, once for user, once for cluster.
125
121
** Command line argument: `user` for user name and `cluster` for cluster name
. Because OpenShift services are secured by TLS, clients must accept the server certificates and present their own client certificate. These certificates are generated when the master server is started. You must point `osc` and `curl` at the appropriate CA bundle and client key and certificate to connect to OpenShift. Set the following environment variables:
NOTE: When running as a user other than `root`, you would also need to make the private client key readable by that user. However, this is just for example purposes; in a production environment, developers would generate their own keys and not have access to the system keys.
@@ -107,9 +107,9 @@ $ ./openshift help
107
107
. Because OpenShift services are secured by TLS, clients must accept the server certificates and present their own client certificate. These certificates are generated when the master server is started. You must point `osc` and `curl` at the appropriate CA bundle and client key and certificate to connect to OpenShift. Set the following environment variables:
0 commit comments