Chapter 1. Post-installation configuration overview

After installing OpenShift Container Platform, a cluster administrator can configure and customize the following components:

  • Machine
  • Cluster
  • Node
  • Network
  • Storage
  • Users
  • Alerts and notifications

1.1. Performing post-installation configuration tasks

Cluster administrators can perform the following post-installation configuration tasks:

  • Configure operating system features: Machine Config Operator (MCO) manages MachineConfig objects. By using MCO, you can perform the following on an OpenShift Container Platform cluster:

    • Configure nodes by using MachineConfig objects
    • Configure MCO-related custom resources
  • Configure cluster features: As a cluster administrator, you can modify the configuration resources of the major features of an OpenShift Container Platform cluster. These features include:

    • Image registry
    • Networking configuration
    • Image build behavior
    • Identity provider
    • The etcd configuration
    • Machine set creation to handle the workloads
    • Cloud provider credential management
  • Configure cluster components to be private: By default, the installation program provisions OpenShift Container Platform by using a publicly accessible DNS and endpoints. If you want your cluster to be accessible from within an internal network only, configure the following components to be private:

    • DNS
    • Ingress Controller
    • API server
  • Perform node operations: By default, OpenShift Container Platform uses Red Hat Enterprise Linux CoreOS (RHCOS) compute machines. As a cluster administrator, you can perform the following operations with the machines in your OpenShift Container Platform cluster:

    • Add and remove compute machines
    • Add and remove taints and tolerations to the nodes
    • Configure the maximum number of pods per node
    • Enable Device Manager
  • Configure network: After installing OpenShift Container Platform, as a cluster administrator, you can configure the following:

    • Ingress cluster traffic
    • Node port service range
    • Network policy
    • Enabling the cluster-wide proxy
  • Configure storage: By default, containers operate using ephemeral storage or transient local storage. The ephemeral storage has a lifetime limitation, so you must configure persistent storage to store the data for a long time. You can configure storage by using one of the following methods:

    • Dynamic provisioning: You can dynamically provision storage on demand by defining and creating storage classes that control different levels of storage, including storage access.
    • Static provisioning: Cluster administrators can use Kubernetes persistent volumes to make existing storage available to a cluster by supporting various device configurations and mount options.
  • Configure users: OAuth access tokens allow users to authenticate themselves to the API. As a cluster administrator, you can configure OAuth to specify an identity provider, use role-based access control to define and apply permissions to users, and install an Operator from OperatorHub.
  • Manage alerts and notifications: As a cluster administrator, you can view firing alerts by default from the Alerting UI of the web console. You can also configure OpenShift Container Platform to send alert notifications to external systems so that you learn about important issues with your cluster.