Red Hat SummitGetting started with Red Hat OpenShift Service on AWS (ROSA)
Learn how to get started on Red Hat® OpenShift® Service on AWS, including how to use AWS Security Token Service (STS) to deploy a cluster. Once you’ve finished, proceed to part two and learn how to deploy an application on your new cluster.
You can also watch this interactive demonstration on how to install ROSA, from creating an account to deploying applications.
This learning path is for operations teams or system administrators
Developers may want to check out developers.redhat.com.
Creating an admin user for quick access on Red Hat OpenShift Service on AWS
If you want to be able to access your cluster immediately through a cluster-admin user, you can follow these steps. This is good if you need quick access to the cluster, though the recommended approach is to use a formal identity provider to access the cluster (and then grant that user admin privileges, if desired).
What will you learn?
- How to access your cluster through a cluster-admin user
What do you need before starting?
- Met all prerequisites
- Deployed a cluster
Create an admin user
- Run this command to create the admin user:
rosa create admin --cluster=<cluster-name>
You will see a response like the following:
W: It is recommended to add an identity provider to login to this cluster. See 'rosa create idp --help' for more information. I: Admin account has been added to cluster 'my-rosa-cluster'. It may take up to a minute for the account to become active. I: To login, run the following command: oc login https://api.my-rosa-cluster.abcd.p1.openshiftapps.com:6443 \ --username cluster-admin \ --password FWGYL-2mkJI-00000-00000 - Copy the login command returned to you in the previous step and paste that into your terminal. This should log you into the cluster via the CLI so you can start using the cluster.
$ oc login https://api.my-rosa-cluster.abcd.p1.openshiftapps.com:6443 \ > --username cluster-admin \ > --password FWGYL-2mkJI-00000-00000 Login successful. You have access to 79 projects, the list has been suppressed. You can list all projects with ' projects' Using project "default". - To check that you are logged in as the admin user you can run:
oc whoami - You can also confirm by running the following command. Only a cluster-admin user can run this without errors:
oc get all -n openshift-apiserver - You can now use the cluster as an admin user, though it is highly recommended to set up an identity provider (IdP).
You are now ready to set up an IdP.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}