Red Hat Summit Red Hat Summitサポートコンソール開発者トライアルの開始お問い合わせ

このコンテンツは選択した言語では利用できません。

Installing Red Hat Edge Manager on Red Hat OpenShift Container Platform

Red Hat Edge Manager 1.0

Installing Red Hat Edge Manager on OpenShift Container Platform

Red Hat Edge Manager Documentation Team

Abstract

This document provides information about installing Red Hat Edge Manager on OpenShift Container Platform.

Chapter 1. Installing Red Hat Edge Manager on Red Hat OpenShift Container Platform
リンクのコピー

Red Hat OpenShift Container Platform users can install Red Hat Edge Manager from the Software Catalog in the Hybrid Cloud Console. This procedure guides you through project creation, certificate configuration, and application deployment.

Prerequisites

  • An active Red Hat Edge Manager subscription.
  • An Red Hat OpenShift Container Platform cluster version 4.19 or later.
  • Cluster administrator permissions.
  • The OpenShift CLI (oc) installed and authenticated.

Procedure

  1. Log into the Red Hat OpenShift Container Platform web console.

  2. In your terminal, run the following command to create a project for the Red Hat Edge Manager application services: 

    $ oc new-project <project_name>
    Copy to Clipboard Toggle word wrap
  3. In the Red Hat OpenShift Container Platform web console, navigate to EcosystemSoftware Catalog.

  4. Select your project from the Project dropdown menu.

    Note

    If the project does not appear in the dropdown, refresh your browser.

  5. Search for "Red Hat Edge Manager" and select the Red Hat Edge Manager tile.
  6. In the Red Hat Edge Manager side panel, click Create.
  7. In the Release name field, enter the name of your project.
  8. Select the desired version from the Chart version dropdown menu.

  9. Before finishing the installation, you must configure the ingress certificates. In your terminal, run the following commands to extract the cluster’s Certificate Authority (CA) bundle: 

    $ oc get configmap default-ingress-cert \
    -n openshift-config-managed \
    -o jsonpath='{.data.ca-bundle\.crt}' > /tmp/ingress-ca.crt

$ cat /tmp/ingress-ca.crt
    Copy to Clipboard Toggle word wrap

  10. Under the Configure via section, select the YAML view radio button, locate the global.auth.caCert field and paste the contents of /tmp/ingress-ca.crt as shown below:

    Example YAML configuration

    global:
  auth:
    caCert: |
      -----BEGIN CERTIFICATE-----
      MIIDWzCCAkOgAwIBAgIIUUg1fwtYuLYwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UE
      ...
      [Full certificate content]
      ...
      -----END CERTIFICATE-----
    insecureSkipTlsVerify: false
    Copy to Clipboard Toggle word wrap

    Warning

    Verify the global.auth.caCert field is included. If it is missing, you must add it manually to allow edge devices to verify the API. Ensure global.auth.caCert is correctly indented. If this field is missing or malformed, managed edge devices will be unable to verify the API identity and will fail to connect.

    Note

    If Advanced Cluster Management (ACM) is present in your environment but you are using Red Hat Edge Manager as a standalone feature, set the global.enableMulticlusterExtensions parameter to "false".

  11. Click Create to deploy Red Hat Edge Manager.

Verification: Retrieving the User Interface URL

Once the pods are running, obtain the external URL to access the Red Hat Edge Manager dashboard.

  1. In your terminal, run the following command to retrieve the host address: 

    $ oc get route flightctl-ui -n <project_name> -o jsonpath='{.spec.host}'
    Copy to Clipboard Toggle word wrap
  2. Copy the returned URL and paste it into a web browser.
  3. Log in using your administrator credentials.

Chapter 2. Authenticating Red Hat Edge Manager on Red Hat OpenShift Container Platform
リンクのコピー

Users can enable secure access to Red Hat Edge Manager by integrating their existing OpenShift identity provider. This guide walks you through labeling your environment and assigning the specific roles required for your team to manage devices, fleets, and organizations.

  • Namespace-to-Organization Mapping: Red Hat Edge Manager uses a 1:1 mapping between OpenShift namespaces and Organizations.
  • Automatic Discovery: The act of labeling a namespace with io.flightctl/instance=<helm_release-name> triggers the automatic discovery and initialization of that namespace as a Red Hat Edge Manager Organization.
  • Multi-Tenancy: You are not limited to a single organization. You can create and manage multiple isolated organizations within a single cluster by applying the same management label to different namespaces.
  • Identity: Each labeled namespace is treated as a distinct organization, allowing you to segregate users, devices, and configurations across your environment.

Prerequisites

  • Red Hat Edge Manager is deployed on Red Hat OpenShift Container Platform via the Software Catalog.
  • Red Hat OpenShift Container Platform users are created via an identity provider (e.g.htpasswd or LDAP).
  • You have cluster-admin access to configure RoleBindings.

Procedure

  1. In the Red Hat OpenShift Container Platform web console, navigate to HelmReleases and record the Helm release name. This value is required for labeling the namespace and configuring user access.

  2. In your terminal, run the following command to label the namespace: 

    $ oc label namespace <namespace> io.flightctl/instance=<helm_release_name>
    Copy to Clipboard Toggle word wrap
    Important

    The label value must match the Helm release name, not the namespace name.

  3. To verify which namespaces are associated with the Helm release name, run the following command: 

    $ oc get namespaces -l io.flightctl/instance=<helm_release_name>
    Copy to Clipboard Toggle word wrap

2.1. Grant user access
リンクのコピー

Accessing Red Hat Edge Manager resources requires a minimum of two roles: the mandatory view role for organization discovery, plus at least one functional role (e.g., flightctl-admin).

Expand
Table 2.1. Red Hat Edge Manager Roles
RolePurpose

view

Required for organization discovery.

flightctl-admin-<helm_release_name>

Full access to Red Hat Edge Manager resources.

flightctl-operator-<helm_release_name>

CRUD permissions for devices, fleets, resourcesyncs, and repositories.

flightctl-viewer-<helm_release_name>

Read-only access.

Procedure

  • To grant the view role for organization discovery: 

    $ oc adm policy add-role-to-user view <user_name> -n <namespace>
    Copy to Clipboard Toggle word wrap

  • To grant Red Hat Edge Manager administrative permissions: 

    $ oc adm policy add-role-to-user flightctl-admin-<helm_release_name> <user_name> -n <namespace>
    Copy to Clipboard Toggle word wrap

  • To grant permissions for CRUD operations on Red Hat Edge Manager resources: 

    $ oc adm policy add-role-to-user flightctl-operator-<helm_release_name> <user_name> -n <namespace>
    Copy to Clipboard Toggle word wrap

  • To grant Red Hat Edge Manager read-only access: 

    $ oc adm policy add-role-to-user flightctl-viewer-<helm_release_name> <user_name> -n <namespace>
    Copy to Clipboard Toggle word wrap
Note

A User not found warning is expected if the user has not yet logged in. The role binding will activate automatically upon their first authentication.

2.2. User login
リンクのコピー

You can authenticate with Red Hat Edge Manager using either the flightctl CLI or the UI.

2.2.1. Log in with the CLI
リンクのコピー

Procedure

  1. Log in to OpenShift: 

    $ oc login
    Copy to Clipboard Toggle word wrap

  2. Log in to Red Hat Edge Manager using the OpenShift token: 

    $ flightctl login https://api.flightctl.apps.example.com -k --token=$(oc whoami -t)
    Copy to Clipboard Toggle word wrap

    Example output

    Auto-selected organization: <uuid> flightctl
Login successful.
    Copy to Clipboard Toggle word wrap

2.2.2. Log in with the UI
リンクのコピー

Procedure

  1. Navigate to the Red Hat Edge Manager UI.
  2. Click Login with OpenShift.
  3. Authenticate using your OpenShift credentials.

Upon successful authentication, the browser redirects to the Red Hat Edge Manager dashboard.

2.3. Verification
リンクのコピー

Verify your access and configuration by running the following commands:

Procedure

  1. Check the current organization: 

    $ flightctl config current-organization
    Copy to Clipboard Toggle word wrap

  2. List available organizations: 

    $ flightctl get organizations
    Copy to Clipboard Toggle word wrap

  3. Test access to resources: 

    $ flightctl get devices
$ flightctl get fleets
    Copy to Clipboard Toggle word wrap

Chapter 3. Upgrading a Helm release chart
リンクのコピー

Users on Red Hat OpenShift Container Platform can upgrade a Helm release by either selecting a new chart version (if available) or manually updating the YAML configuration values.

Prerequisites

  • Ensure you are logged into the OpenShift console with a user account that has permission to modify resources in your specific project.
  • Confirm you have the correct Project (namespace) selected in the console, as Helm releases are grouped by project.
  • Ensure the application is in a stable state and that you have documented any critical configuration values currently in use.

Procedure

  1. In the OpenShift console, locate the navigation menu on the left side of the screen.
  2. Go to the Helm section and select Releases.
  3. Find your release in the list.
  4. Click the Kebab menu (three vertical dots) on the far right of the row and select Upgrade.

  5. Configure your upgrade in the Upgrade Helm Release page:

    1. To change the version: Select a new version from the Chart Version dropdown menu if an update is available.
    2. To change settings: Manually edit the configuration in the YAML editor (Values) to update specific parameters.
  6. Click Upgrade to finalize and deploy your changes.

Once you click Upgrade, OpenShift will trigger a new revision. You can watch the Status column in the Helm Releases list change to "Pending" and then back to "Deployed" once the update is successful.

Legal Notice
リンクのコピー

Copyright © Red Hat.
Except as otherwise noted below, the text of and illustrations in this documentation are licensed by Red Hat under the Creative Commons Attribution–Share Alike 3.0 Unported license . If you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, the Red Hat logo, JBoss, Hibernate, and RHCE are trademarks or registered trademarks of Red Hat, LLC. or its subsidiaries in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
XFS is a trademark or registered trademark of Hewlett Packard Enterprise Development LP or its subsidiaries in the United States and other countries.
The OpenStack® Word Mark and OpenStack logo are trademarks or registered trademarks of the Linux Foundation, used under license.
All other trademarks are the property of their respective owners.
Red Hat logoGithubredditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。 最新の更新を見る.

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

Theme

© 2026 Red Hatトップに戻る