{"id":16358495,"url":"https://github.com/detiber/openshift-origin-rhel","last_synced_at":"2025-06-28T12:34:40.290Z","repository":{"id":145760874,"uuid":"58245774","full_name":"detiber/openshift-origin-rhel","owner":"detiber","description":"Azure Resource Manager Template for Deploying OpenShift Origin","archived":false,"fork":false,"pushed_at":"2016-05-07T04:28:47.000Z","size":26,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-21T11:51:39.944Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/detiber.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-05-07T02:37:27.000Z","updated_at":"2019-11-03T22:02:52.000Z","dependencies_parsed_at":"2023-04-05T21:48:15.872Z","dependency_job_id":null,"html_url":"https://github.com/detiber/openshift-origin-rhel","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/detiber/openshift-origin-rhel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/detiber%2Fopenshift-origin-rhel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/detiber%2Fopenshift-origin-rhel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/detiber%2Fopenshift-origin-rhel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/detiber%2Fopenshift-origin-rhel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/detiber","download_url":"https://codeload.github.com/detiber/openshift-origin-rhel/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/detiber%2Fopenshift-origin-rhel/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262432107,"owners_count":23310177,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-11T02:05:57.623Z","updated_at":"2025-06-28T12:34:40.246Z","avatar_url":"https://github.com/detiber.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenShift Origin with Azure Active Directory\n\n\u003ca href=\"https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fdetiber%2Fopenshift-origin-rhel%2Fmaster%2Fazuredeploy.json\" target=\"_blank\"\u003e\u003cimg src=\"http://azuredeploy.net/deploybutton.png\"/\u003e\u003c/a\u003e\n\u003ca href=\"http://armviz.io/#/?load=https%3A%2F%2Fraw.githubusercontent.com%2Fdetiber%2Fopenshift-origin-rhel%2Fmaster%2Fazuredeploy.json\" target=\"_blank\"\u003e\n    \u003cimg src=\"http://armviz.io/visualizebutton.png\"/\u003e\n\u003c/a\u003e\n\nThis template deploys OpenShift Origin and configures Azure Active Directory as the primary authentication provider. It includes the following resources:\n\n|Resource           |Properties                                                                                                                          |\n|-------------------|------------------------------------------------------------------------------------------------------------------------------------|\n|Key Vault          |Secret for storing SSH private key                                                                                                  |\n|Virtual Network    |**Address prefix:** 10.0.0.0/16\u003cbr /\u003e**Master subnet:** 10.0.0.0/24\u003cbr /\u003e**Node subnet:** 10.0.1.0/24                               |\n|Load Balancer      |2 probes and two rules for TCP 80 and TCP 443                                                                                       |\n|Public IP Addresses|OpenShift Master public IP\u003cbr /\u003eOpenShift Router public IP attached to Load Balancer                                                |\n|Storage Accounts   |2 Storage Accounts                                                                                                                  |\n|Virtual Machines   |Single master\u003cbr /\u003eUser-defined number of nodes\u003cbr /\u003eAll VMs include a single attached data disk for Docker thin pool logical volume|\n\n## Prerequisites\n\n### Create Azure AD Application\n\nAn Azure AD application must be created before deploying this template. This can be accomplished via the following steps:\n\n1. Login to [https://manage.windowsazure.com](https://manage.windowsazure.com)\n2. Select the **Active Directory** button from the available services list\n3. Click on the name of the directory from which users will be granted access to OpenShift\n4. Click on the **APPLICATIONS** tab\n5. Click on the **ADD** button at the bottom\n6. Select the *Add an application my organization is developing* link\n7. Provide a name for the application (note that this name should be all one word as it will be used later as part of the reply URL)\n8. Select the *Web Application And/Or Web API* radio button\n9. On the next page, enter the fully-qualified sign-on URL for your application. This should be in the following format: [https://[openshift_master_public_ip_dns_name].[region].cloudapp.azure.com:8443/console](). The App ID URI can be set to the same value as the sign-on URL\n11. Click the checkmark to create the application\n12. Select the **CONFIGURE** tab\n13. Make note of the *Client ID* as you will need this when deploying the template\n14. Under the *Keys* section, click on the dural dropdown list and choose an appropriate duration \n15. Under the *Single Sign-On* section and in the *Reply URL* box, enter the following URL: [https://[openshift_master_public_ip_dns_name].[region].cloudapp.azure.com:8443/oauth2callback/[azure_ad_app_name]]()\n16. Click the **SAVE** button at the bottom to save the configuration settings and generate a client secret\n17. Make note of the secret key that is generated as you will need this when deploying the template\n\n### Generate SSH Keys\n\nYou'll need to generate a pair of SSH keys in order to provision this template. Ensure that you do not include a passcode with the private key.\n\n## Deploy Template\n\nOnce you have collected all of the prerequisites for the template, you can deploy the template using the **Deploy to Azure** button at the top or by populating the *azuredeploy.parameters.json* file and executing Resource Manager deployment commands with PowerShell or the xplat CLI.\n\n### NOTE\n\n\u003e The `azureAdLogoutRedirectUri` parameter should be set to the following: [https://[openshift_master_public_ip_dns_name].[region].cloudapp.azure.com:8443/]().\n\u003chr /\u003e\nSince JSON does not support multiline strings, you must replace line breaks with `\\n` when adding your SSH private key to the `sshPrivateKey` parameter. \n\u003chr /\u003e\nThe OpenShift Ansible playbook does take a while to run when using VMs backed by Standard Storage. The template can be modified to use DS/GS-series VMs backed by Premium Storage for a faster deployment and subsequent pod instantiations. If you choose to do this, you should also ensure that the attached `docker-pool` data disk is backed by Premium Storage.\n\n## Post-Deployment Operations\n\nThis template deploys a [containerized installation](https://docs.openshift.org/latest/install_config/install/rpm_vs_containerized.html) of OpenShift which results in the creation of a CLI wrapper script on the Master node. By default, the admin user provisioned by the template is logged in as the `system:admin` system user which has access to everything. It is advised that you bind the `cluster-admin` policy to a user from your Azure AD tenant as follows:\n\n1. SSH in to master node\n2. Execute the following command:\n\n   ```sh\n   sudo oadm policy add-cluster-role-to-user cluster-admin \u003cuser\u003e@\u003cazure_ad_domain\u003e\n   ```\n\n3. Attempt to login to OpenShift with the Azure AD user as follows:\n\n   ```sh\n   sudo oc login -u \u003cuser\u003e@\u003cazure_ad_domain\u003e\n   ```\n   \n   To obtain a token, you will need access to a browser in order to complete the authentication steps as prompted.\n \n## Additional OpenShift Configuration Options\n \nYou can configure additional settings per the official [OpenShift Origin Documentation](https://docs.openshift.org/latest/welcome/index.html).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdetiber%2Fopenshift-origin-rhel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdetiber%2Fopenshift-origin-rhel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdetiber%2Fopenshift-origin-rhel/lists"}