If you use Kubernetes/OpenShift in any capacity, you have no doubt seen commands that start with
oc being used to interact with the system. The
oc tool can do a lot, and is pretty intuitive to use once you understand a few things.
I’m going to give a brief background/overview here about Kubernetes/OpenShift and then get into what
oc does and how to use it. From this point on I will just refer to "OpenShift" and
oc, but the vast majority of this article will also apply to Kubernetes and
OpenShift has a RESTful API that is used for configuration
At the heart of OpenShift is an etcd database that contains a bunch of object which define the current and desired state of the system. The object types are defined by controllers that operate on them. Much like any application, each object type is a representation of a real world thing. In the case of OpenShift it is container infrastructure that is being represented: containers, load balancers, routers, that sort of thing. The API is highly extensible so there is no limit to the number of types and objects you use or create.
Rather than reading and writing to the etcd database directly (which would be highly error prone, and incredibly insecure), users interact with the OpenShift database through a RESTful API that performs all the authentication, access control, and integrity checking needed for the system. The API has numerous endpoints available for reading and manipulating objects. Since it is a normal HTTP-based REST API, it can be accessed programmatically through either user interfaces or command line tools (which translate user actions into API calls).
oc is the official command line tool that provides this.
In addition to providing a human-friendly interface to the OpenShift API, the
oc command line tool can do other things that make working with the system easier. It will keep track of sessions and configuration, as well as act as a source of documentation.