This guide assumes you already have OpenShift Local (formerly CRC) installed and running on your macOS or Linux machine. Now it’s time to level up your OpenShift skills with advanced, hands-on workflows designed to mimic real-world cluster usage.

---

Overview of What You’ll Learn

1. Creating and Managing Projects
2. Deploying Applications with Templates and Helm
3. Configuring Routes and Services
4. Working with Persistent Storage (PVC, PV)
5. CI/CD Pipelines using OpenShift Pipelines (Tekton)
6. Managing Secrets and ConfigMaps
7. Resource Limits, Quotas, and Requests
8. Monitoring and Logging with built-in tools
9. Role-Based Access Control (RBAC)
10. GitOps (Optional Bonus)

---

1. Create and Manage Projects (Namespaces)

oc new-project dev-project
oc get projects

Explanation:

• Projects are isolated Kubernetes namespaces with OpenShift-specific metadata.
• Use them to separate development, staging, and production workloads.

---

2. Deploy Applications via Templates or Helm

Option A: Using OpenShift Templates

oc new-app --name=my-nginx nginx

Option B: Using Helm Charts (if Helm is enabled)

helm repo add bitnami https://charts.bitnami.com/bitnami
helm install my-mysql bitnami/mysql

Scenario: Deploy a frontend-backend app using templates or Helm.

---

3. Expose Applications with Routes

oc expose svc/my-nginx

Explanation:

• This creates an OpenShift Route, which exposes a service to the external world.
• Use this for browser access to your apps.

---

4. Work with Persistent Volumes (PVC/PV)

Create PVC

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

oc apply -f pvc.yaml

Scenario: Use this PVC in a deployment for MySQL/Postgres persistence.

---

5. Build CI/CD with OpenShift Pipelines (Tekton)

oc apply -f https://raw.githubusercontent.com/tektoncd/pipeline/main/examples/v1beta1/taskruns/taskrun.yaml

Scenario:

• Build and deploy from GitHub automatically using Pipeline, Task, TaskRun resources.
• Use Triggers and EventListeners to integrate with GitHub Webhooks.

---

6. Manage Secrets and ConfigMaps

oc create secret generic db-secret --from-literal=username=admin --from-literal=password=redhat
oc create configmap app-config --from-literal=theme=dark

Use in Deployments:

envFrom:
  - secretRef:
      name: db-secret
  - configMapRef:
      name: app-config

---

7. Configure Quotas and Limits

oc create quota mem-cpu-quota --hard=cpu=2,memory=4Gi,pods=10

Scenario: Prevent developers from consuming all cluster resources.

---

8. Monitor and Log

View Pod Logs

oc logs <pod-name>

View Cluster Console Metrics

• Navigate to https://console-openshift-console.apps-crc.testing/ → Observe dashboards.
• View memory, CPU, and event logs per namespace or pod.

---

9. Role-Based Access Control (RBAC)

oc create role dev-reader --verb=get,list --resource=pods
oc create rolebinding dev-binding --role=dev-reader --user=developer

Scenario: Allow a user to only read pod data in a project.

---

10. GitOps (Optional Advanced Scenario)

1. Install Argo CD Operator
2. Connect Argo CD to a Git repository
3. Sync deployments automatically from Git

oc apply -f argo-install.yaml

Use Case: Fully automate application deployments with Git versioning and drift detection.

---

Summary

This advanced OpenShift Local workflow is ideal for developers, DevOps engineers, and learners who want to:

• Simulate real-world Kubernetes workloads
• Learn GitOps and CI/CD pipelines
• Understand the essentials of secure and scalable OpenShift development