Skip to content

OSDOCS#11308: Generating CLI docs for 4.17 #81546

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 24, 2024
Merged

OSDOCS#11308: Generating CLI docs for 4.17 #81546

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
121 changes: 105 additions & 16 deletions modules/oc-adm-by-example-content.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,12 +80,12 @@ Deny a certificate signing request


== oc adm copy-to-node
Copies specified files to the node.
Copy specified files to the node

.Example usage
[source,bash,options="nowrap"]
----
# copy a new bootstrap kubeconfig file to node-0
# Copy a new bootstrap kubeconfig file to node-0
oc adm copy-to-node --copy=new-bootstrap-kubeconfig=/etc/kubernetes/kubeconfig node/node-0
----

Expand Down Expand Up @@ -340,31 +340,72 @@ Create a new project



== oc adm node-image create
Create an ISO image for booting the nodes to be added to the target cluster

.Example usage
[source,bash,options="nowrap"]
----
# Create the ISO image and download it in the current folder
oc adm node-image create
Copy link

@zhouying7780 zhouying7780 Sep 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

error: stat nodes-config.yaml: no such file or directory```
command failed.

Copy link
Contributor Author

@bergerhoffer bergerhoffer Sep 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@zhouying7780 if I look at the help for oc adm node-image create, it does say this:

A nodes-config.yaml config file must be created to provide the required initial configuration for the selected nodes.

So I think this means that this file must exist (either in the current folder for this command, or in the /tmp/assets/ folder for the next command) for these commands to work.

Copy link

@andfasano andfasano Sep 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's correct. If the --dir option is not configured (and no single node flag is used), by default the asset is equal to the current working directory


# Use a different assets folder
oc adm node-image create --dir=/tmp/assets
Copy link

@zhouying7780 zhouying7780 Sep 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here : ./oc adm node-image create --dir=/tmp/assets error: stat nodes-config.yaml: no such file or directory

Copy link

@andfasano andfasano Sep 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this example the nodes-config.yaml it's expected to be in the /tmp/assets folder


# Specify a custom image name
oc adm node-image create -o=my-node.iso

# Create an ISO to add a single node without using the configuration file
oc adm node-image create --mac-address=00:d8:e7:c7:4b:bb

# Create an ISO to add a single node with a root device hint and without
# using the configuration file
oc adm node-image create --mac-address=00:d8:e7:c7:4b:bb --root-device-hint=deviceName:/dev/sda
----



== oc adm node-image monitor
Monitor new nodes being added to an OpenShift cluster

.Example usage
[source,bash,options="nowrap"]
----
# Monitor a single node being added to a cluster
oc adm node-image monitor --ip-addresses 192.168.111.83

# Monitor multiple nodes being added to a cluster by separating each
IP address with a comma
Copy link
Contributor Author

@bergerhoffer bergerhoffer Sep 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that I've submitted a fix for this line (should be commented out) here: openshift/oc#1872

oc adm node-image monitor --ip-addresses 192.168.111.83,192.168.111.84
----



== oc adm node-logs
Display and filter node logs

.Example usage
[source,bash,options="nowrap"]
----
# Show kubelet logs from all masters
# Show kubelet logs from all control plane nodes
oc adm node-logs --role master -u kubelet

# See what logs are available in masters in /var/log
# See what logs are available in control plane nodes in /var/log
oc adm node-logs --role master --path=/

# Display cron log file from all masters
# Display cron log file from all control plane nodes
oc adm node-logs --role master --path=cron
----



== oc adm ocp-certificates monitor-certificates
Watch platform certificates.
Watch platform certificates

.Example usage
[source,bash,options="nowrap"]
----
# Watch platform certificates.
# Watch platform certificates
oc adm ocp-certificates monitor-certificates
----

Expand All @@ -376,7 +417,7 @@ Regenerate client and serving certificates of an OpenShift cluster
.Example usage
[source,bash,options="nowrap"]
----
# Regenerate a leaf certificate contained in a particular secret.
# Regenerate a leaf certificate contained in a particular secret
oc adm ocp-certificates regenerate-leaf -n openshift-config-managed secret/kube-controller-manager-client-cert-key
----

Expand All @@ -403,7 +444,7 @@ Regenerate the top level certificates in an OpenShift cluster
.Example usage
[source,bash,options="nowrap"]
----
# Regenerate the signing certificate contained in a particular secret.
# Regenerate the signing certificate contained in a particular secret
oc adm ocp-certificates regenerate-top-level -n openshift-kube-apiserver-operator secret/loadbalancer-serving-signer-key
----

Expand Down Expand Up @@ -484,6 +525,30 @@ Make project network global



== oc adm policy add-cluster-role-to-group
Add a role to groups for all projects in the cluster

.Example usage
[source,bash,options="nowrap"]
----
# Add the 'cluster-admin' cluster role to the 'cluster-admins' group
oc adm policy add-cluster-role-to-group cluster-admin cluster-admins
----



== oc adm policy add-cluster-role-to-user
Add a role to users for all projects in the cluster

.Example usage
[source,bash,options="nowrap"]
----
# Add the 'system:build-strategy-docker' cluster role to the 'devuser' user
oc adm policy add-cluster-role-to-user system:build-strategy-docker devuser
----



== oc adm policy add-role-to-user
Add a role to users or service accounts for the current project

Expand Down Expand Up @@ -526,6 +591,30 @@ Add a security context constraint to users or a service account



== oc adm policy remove-cluster-role-from-group
Remove a role from groups for all projects in the cluster

.Example usage
[source,bash,options="nowrap"]
----
# Remove the 'cluster-admin' cluster role from the 'cluster-admins' group
oc adm policy remove-cluster-role-from-group cluster-admin cluster-admins
----



== oc adm policy remove-cluster-role-from-user
Remove a role from users for all projects in the cluster

.Example usage
[source,bash,options="nowrap"]
----
# Remove the 'system:build-strategy-docker' cluster role from the 'devuser' user
oc adm policy remove-cluster-role-from-user system:build-strategy-docker devuser
----



== oc adm policy scc-review
Check which service account can create a pod

Expand Down Expand Up @@ -687,7 +776,7 @@ Lists rendered MachineConfigs in an OpenShift cluster


== oc adm reboot-machine-config-pool
Initiate reboot of the specified MachineConfigPool.
Initiate reboot of the specified MachineConfigPool

.Example usage
[source,bash,options="nowrap"]
Expand Down Expand Up @@ -800,18 +889,18 @@ Create a new OpenShift release


== oc adm restart-kubelet
Restarts kubelet on the specified nodes
Restart kubelet on the specified nodes

.Example usage
[source,bash,options="nowrap"]
----
# Restart all the nodes, 10% at a time
# Restart all the nodes, 10% at a time
oc adm restart-kubelet nodes --all --directive=RemoveKubeletKubeconfig

# Restart all the nodes, 20 nodes at a time
# Restart all the nodes, 20 nodes at a time
oc adm restart-kubelet nodes --all --parallelism=20 --directive=RemoveKubeletKubeconfig

# Restart all the nodes, 15% at a time
# Restart all the nodes, 15% at a time
oc adm restart-kubelet nodes --all --parallelism=15% --directive=RemoveKubeletKubeconfig

# Restart all the masters at the same time
Expand Down Expand Up @@ -976,12 +1065,12 @@ Wait for nodes to reboot after running `oc adm reboot-machine-config-pool`


== oc adm wait-for-stable-cluster
wait for the platform operators to become stable
Wait for the platform operators to become stable

.Example usage
[source,bash,options="nowrap"]
----
# Wait for all clusteroperators to become stable
# Wait for all cluster operators to become stable
oc adm wait-for-stable-cluster

# Consider operators to be stable if they report as such for 5 minutes straight
Expand Down
35 changes: 20 additions & 15 deletions modules/oc-by-example-content.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -453,7 +453,7 @@ Display users defined in the kubeconfig


== oc config new-admin-kubeconfig
Generate, make the server trust, and display a new admin.kubeconfig.
Generate, make the server trust, and display a new admin.kubeconfig

.Example usage
[source,bash,options="nowrap"]
Expand All @@ -465,7 +465,7 @@ Generate, make the server trust, and display a new admin.kubeconfig.


== oc config new-kubelet-bootstrap-kubeconfig
Generate, make the server trust, and display a new kubelet /etc/kubernetes/kubeconfig.
Generate, make the server trust, and display a new kubelet /etc/kubernetes/kubeconfig

.Example usage
[source,bash,options="nowrap"]
Expand All @@ -477,7 +477,7 @@ Generate, make the server trust, and display a new kubelet /etc/kubernetes/kubec


== oc config refresh-ca-bundle
Update the OpenShift CA bundle by contacting the apiserver.
Update the OpenShift CA bundle by contacting the API server

.Example usage
[source,bash,options="nowrap"]
Expand All @@ -488,7 +488,7 @@ Update the OpenShift CA bundle by contacting the apiserver.
# Refresh the CA bundle for the cluster named e2e in your kubeconfig
oc config refresh-ca-bundle e2e

# Print the CA bundle from the current OpenShift cluster's apiserver.
# Print the CA bundle from the current OpenShift cluster's API server
oc config refresh-ca-bundle --dry-run
----

Expand Down Expand Up @@ -591,6 +591,9 @@ Set a user entry in kubeconfig
# Enable new exec auth plugin for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1

# Enable new exec auth plugin for the "cluster-admin" entry with interactive mode
oc config set-credentials cluster-admin --exec-command=/path/to/the/executable --exec-api-version=client.authentication.k8s.io/v1beta1 --exec-interactive-mode=Never

# Define new exec auth plugin arguments for the "cluster-admin" entry
oc config set-credentials cluster-admin --exec-arg=arg1 --exec-arg=arg2

Expand Down Expand Up @@ -819,6 +822,9 @@ Create a deployment with the specified name

# Create a deployment named my-dep that runs the busybox image and expose port 5701
oc create deployment my-dep --image=busybox --port=5701

# Create a deployment named my-dep that runs multiple containers
oc create deployment my-dep --image=busybox:latest --image=ubuntu:latest --image=nginx
----


Expand Down Expand Up @@ -1127,7 +1133,7 @@ Create a TLS secret
[source,bash,options="nowrap"]
----
# Create a new TLS secret named tls-secret with the given key pair
oc create secret tls tls-secret --cert=path/to/tls.cert --key=path/to/tls.key
oc create secret tls tls-secret --cert=path/to/tls.crt --key=path/to/tls.key
----


Expand Down Expand Up @@ -1261,8 +1267,8 @@ Launch a new instance of a pod for debugging
# Debug a node as an administrator
oc debug node/master-1

# Debug a Windows Node
# Note: the chosen image must match the Windows Server version (2019, 2022) of the Node
# Debug a Windows node
# Note: the chosen image must match the Windows Server version (2019, 2022) of the node
oc debug node/win-worker-1 --image=mcr.microsoft.com/powershell:lts-nanoserver-ltsc2022

# Launch a shell in a pod using the provided image stream tag
Expand Down Expand Up @@ -1569,10 +1575,10 @@ Experimental: Get token from external OIDC issuer as credentials exec plugin
.Example usage
[source,bash,options="nowrap"]
----
# Starts an auth code flow to the issuer url with the client id and the given extra scopes
# Starts an auth code flow to the issuer URL with the client ID and the given extra scopes
oc get-token --client-id=client-id --issuer-url=test.issuer.url --extra-scopes=email,profile

# Starts an authe code flow to the issuer url with a different callback address.
# Starts an auth code flow to the issuer URL with a different callback address
oc get-token --client-id=client-id --issuer-url=test.issuer.url --callback-address=127.0.0.1:8343
----

Expand Down Expand Up @@ -1737,8 +1743,7 @@ Mirror images from one repository to another

# Copy specific os/arch manifest of a multi-architecture image
# Run 'oc image info myregistry.com/myimage:latest' to see available os/arch for multi-arch images
# Note that with multi-arch images, this results in a new manifest list digest that includes only
# the filtered manifests
# Note that with multi-arch images, this results in a new manifest list digest that includes only the filtered manifests
oc image mirror myregistry.com/myimage:latest=myregistry.com/other:test \
--filter-by-os=os/arch

Expand All @@ -1753,8 +1758,8 @@ Mirror images from one repository to another

# Copy specific os/arch manifest of a multi-architecture image
# Run 'oc image info myregistry.com/myimage:latest' to see available os/arch for multi-arch images
# Note that the target registry may reject a manifest list if the platform specific images do not all
# exist. You must use a registry with sparse registry support enabled.
# Note that the target registry may reject a manifest list if the platform specific images do not all exist
# You must use a registry with sparse registry support enabled
oc image mirror myregistry.com/myimage:latest=myregistry.com/other:test \
--filter-by-os=linux/386 \
--keep-manifest-list=true
Expand Down Expand Up @@ -1856,7 +1861,7 @@ Log in to a server
# Log in to the given server through a browser
oc login localhost:8443 --web --callback-port 8280

# Log in to the external OIDC issuer through Auth Code + PKCE by starting a local server listening port 8080
# Log in to the external OIDC issuer through Auth Code + PKCE by starting a local server listening on port 8080
oc login localhost:8443 --exec-plugin=oc-oidc --client-id=client-id --extra-scopes=email,profile --callback-port=8080
----

Expand Down Expand Up @@ -3003,7 +3008,7 @@ Print the client and server version information
# Print the OpenShift client, kube-apiserver, and openshift-apiserver version information for the current context
oc version

# Print the OpenShift client, kube-apiserver, and openshift-apiserver version numbers for the current context in json format
# Print the OpenShift client, kube-apiserver, and openshift-apiserver version numbers for the current context in JSON format
oc version --output json

# Print the OpenShift client version information for the current context
Expand Down