How to open a shell prompt on an OpenShift node

Ranch
You can support us by downloading this article in PDF format via the link below.

Download the guide as a PDF

turn off
Ranch

Ranch
Ranch

OpenShift Worker and Master node users starting with OpenShift Container Platform 4.0 use Red Hat CoreOS (RHCOS) as the base operating system. For OKD, this will be Fedora CoreOS (FCOS). It is not recommended to ssh directly to the OpenShift node, don’t forget that by default you can only use ssh keys for access. This SSH key is the one provided when deploying the OpenShift / OKD container platform. So how can you access the Shell prompt of the OpenShift node.

Open Shell Prompt on OpenShift Node

OpenShift provides OC Client, which can be used to access the Shell prompt of an OpenShift node.

Once the OpenShift cluster is up and running, you can install the oc client using the following command:

--- Linux ---
wget https://mirror.openshift.com/pub/openshift-v4/clients/oc/latest/linux/oc.tar.gz
tar xvf oc.tar.gz
chmod +x oc
sudo mv oc /usr/local/bin

--- macOS ---
wget https://mirror.openshift.com/pub/openshift-v4/clients/oc/latest/macosx/oc.tar.gz
tar xvf oc.tar.gz
chmod +x oc
sudo mv oc /usr/local/bin

Confirm the installation by checking the version:

$ oc version
Client Version: 4.5.0-202003270516-ad76834
Kubernetes Version: v1.17.4

Access OpenShift node shell

You will use oc debug node Command to open a shell prompt in any node of the cluster. The syntax is:

$ oc debug node/

But first list your cluster nodes:

$ oc get nodes
NAME                                STATUS   ROLES          AGE   VERSION
mas01.ocp.computingforgeeks.com     Ready    master         10d   v1.16.2
mas02.ocp.computingforgeeks.com     Ready    master         10d   v1.16.2
mas03.ocp.computingforgeeks.com     Ready    master         10d   v1.16.2
infra03.ocp.computingforgeeks.com   Ready    infra,worker   10d   v1.16.2
infra03.ocp.computingforgeeks.com   Ready    infra,worker   10d   v1.16.2
node01.ocp.computingforgeeks.com    Ready    worker         10d   v1.16.2
node02.ocp.computingforgeeks.com    Ready    worker         10d   v1.16.2
node03.ocp.computingforgeeks.com    Ready    worker         10d   v1.16.2
ocs01.ocp.computingforgeeks.com     Ready    worker         10d   v1.16.2
ocs02.ocp.computingforgeeks.com     Ready    worker         10d   v1.16.2
ocs03.ocp.computingforgeeks.com     Ready    worker         10d   v1.16.2

Suppose you want to start a shell session to ocs01.ocp.computingforgeeks.com Node, you will run:

$ oc debug node/node01.ocp.computingforgeeks.com
Starting pod/node01ocpcomputingforgeekscom-debug ...
To use host binaries, run `chroot /host`

The prompt comes from a dedicated tool container that mounts the node root file system on /host Folder and allows you to check all files in the node.

You need to start the chroot shell in the / host folder as shown in the command output. This will enable you to use the host binary in the shell.

chroot /host

You will see the following output:

chroot /host
Pod IP: 10.184.48.235
If you don't see a command prompt, try pressing enter.
sh-4.2# chroot /host
sh-4.4# 

Try running commands such as checking the operating system version:

sh-4.4# cat /etc/redhat-release 
Red Hat Enterprise Linux CoreOS release 4.3

sh-4.4# nmcli con show
NAME                UUID                                  TYPE      DEVICE 
Wired connection 1  dcd75b54-c1d9-39b7-b7e9-6996a182b53a  ethernet  ens192 

The oc debug shell session uses the same tunneling technology, which allows shell prompts to be opened in a running pod – oc rsh.

More information on OpenShift.

How to install Operator SDK CLI on Linux / macOS

Prevent users from creating projects in OpenShift / OKD clusters

Setting up a local OpenShift 4.2 cluster with a CodeReady container

How to Install and Use Source to Image (S2I) Toolkit on Linux

Ranch
You can support us by downloading this article in PDF format via the link below.

Download the guide as a PDF

turn off
Ranch

Ranch
Ranch

Related Posts