Vanakkam all
Last week had a discussion with one of CubenSquare student, who is working as Redhat Openshift Admin for the past 3 years in UK. He started with L1 support and now into L3 due to demand and skills.
He shared his day to day activities as a Openshift Admin . By reading this, you can understand what an Openshift admin does on his role and also helps to prepare for your interview by assuming the questions around below topics.
At high level, he gets below request through Jira as user story :
– Design the Openshift Cluster
– Provide logging solutions
– Cluster scaling
– Registry solutions
– Namespace creation and administration
– RBAC
– Installing and managing operators
– Cluster upgrade
– Application Migration
– Security
– Troubleshootings
Lets breakdown the tasks:
1. Design cluster – to build a cluster, he needs to analyze the cluster size, node size, number of workers, number of infra nodes, type of storages, type of authentication to the cluster, type of load balancer to use
2. Logging solution involves understanding of external logging soliution .
Think about splunk or any other logging tools . OCP is not a logging platform(meaning not ideal to store all logs inside the cluster), as per RedHat recommendation, all logs( audit logs, infra logs and application logs) should be stored outside the cluster. So as an OCP Engineer, we can have an external logging solution like Splunk or whatever used in your org, use clusterlogforwarder in ocp to send logs.
3. Cluster scaling, handling the workloads in the cluster. How does it impact. Solutioning around these.
4. Registry solutions. How do we store and manage docker images both for cluster and for applications.
5. Namespace : Maintain and manage projects/namespaces – set resource quota and limitranges. check if project templates are required
6. RBAC: What kind of RBAC to be created and managed and maintained in the cluster for both administrators and for consumers
7. Installing Operators in the cluster
Cluster Upgrade/Patching
1. If RedHat releases a new ocp version, doing research around the new version, analysis and gathering requirements of it. Identifying new features, degraded features and how does it impact our existing clusters if we plan to upgrade.
2. Regular patching of clusters
Migration/Developer Experience
1. Working closely with the consumers to get them migrate their applications to the platform
2. Assisting them with resources such as pods, services, network policies, pvc, etc…
3. Creating helm charts
4. Solutions for their applications and workloads
Security
1. Managing ACLs
2. Hardening the cluster. Say for example, using compliance operator inside the cluster.
3. RBAC for service accounts and how they can be managed and maintained. Suggested way is to use least privileged roles and rolebindings
4. Scanning of images using inside the cluster. Can use external solutions like aqua, jfrog xray scan, etc
5. Network policies
In our next article we shall discuss about Day to Day activities of a AWS Cloud Engineer. Thank you