Rechercher

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 5. Managing administration roles and users

download PDF

5.1. Understanding administration roles

5.1.1. The cluster-admin role

As an administrator of an OpenShift Dedicated cluster with Customer Cloud Subscriptions (CCS), you have access to the cluster-admin role. The user who created the cluster can add the cluster-admin user role to an account to have the maximum administrator privileges. These privileges are not automatically assigned to your user account when you create the cluster. While logged in to an account with the cluster-admin role, users have mostly unrestricted access to control and configure the cluster. There are some configurations that are blocked with webhooks to prevent destabilizing the cluster, or because they are managed in OpenShift Cluster Manager and any in-cluster changes would be overwritten. Usage of the cluster-admin role is subject to the restrictions listed in your Appendix 4 agreement with Red Hat. As a best practice, limit the number of cluster-admin users to as few as possible.

5.1.2. The dedicated-admin role

As an administrator of an OpenShift Dedicated cluster, your account has additional permissions and access to all user-created projects in your organization’s cluster. While logged in to an account with the dedicated-admin role, the developer CLI commands (under the oc command) allow you increased visibility and management capabilities over objects across projects, while the administrator CLI commands (under the oc adm command) allow you to complete additional operations.

Note

While your account does have these increased permissions, the actual cluster maintenance and host configuration is still performed by the OpenShift Operations Team.

5.2. Managing OpenShift Dedicated administrators

Administrator roles are managed using a cluster-admin or dedicated-admin group on the cluster. Existing members of this group can edit membership through OpenShift Cluster Manager.

5.2.1. Adding a user

Procedure

  1. Navigate to the Cluster Details page and Access Control tab.
  2. Select the Cluster Roles and Access tab and click Add user.
  3. Enter the user name and select the group.
  4. Click Add user.
Note

Adding a user to the cluster-admin group can take several minutes to complete.

5.2.2. Removing a user

Procedure

  1. Navigate to the Cluster Details page and Access Control tab.
  2. Click the Options menu kebab to the right of the user and group combination and click Delete.
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.