Overview
As outlined on the Container Service website, updating applications and application images is a customer responsibility. This starts with selecting an appropriate base image, regularly checking for image updates, rebuilding your application to utilize updated images, and regularly moving your base image forward to keep it current. Although no one suggestion will address all situations, some guidelines apply to most.
Container Service
Overview
Review the OpenShift documentation on launching a debug pod from the CLI.
Overview
The Container Service uses Red Hat's OpenShift to host containerized applications. The OpenShift command-line interface provides a quick command for creating working OpenShift applications based on existing Docker applications. This is: oc new-app
For more information, review OpenShift Documentation: The new-app Command.
This document provides examples of how to use the new-app command.
Overview
Developers may wish to forward a port from a pod running in the OpenShift cluster to their local machine without the use of a route. This is useful in testing and debugging scenarios. For example, developers can connect a locally-running IDE to a non-production pod to set breakpoints on the application. Port forwarding makes ports temporarily available, and only to the client who has setup the forwarding session.
General Information
Red Hat has published an excellent 5 part blog series of best practices when dealing with private Git repositories that covers this as well as related topics in detail.
Overview
The OpenShift Container Platform can build container images from your source code, deploy them, and manage their lifecycle. OpenShift also provides an internal, integrated container image registry. This document provides instructions for authenticating to and interacting with this registry from docker or podman command line, as well as from external CI/CD processes, like Github Actions.
Registry URLs
The containers.aws.web.umich.edu registry has two valid URLs:
Overview
Secrets provide for storage and access of sensitive information. For more information, review Kubernetes documentation on secrets.
Overview
Review the OpenShift documentation for claiming and utilizing persistent storage.
The Container Service provides storage for applications that need to store stateful information. The AWS cluster--containers.aws.web.umich.edu--provides access to two primary storage technologies:
Background
Docker Hub limits anonymous pull requests for images. The Container Service pulls Docker Hub images to the openshift namespace via a service account account that is not subject to these limits. This service account is only used for openshift image pulls. As such, customers may experience image pull issues caused by the Docker Hub limits within their own namespaces.
This document lists the potential ways in which you may experience this and how to work around it.