Skip to content

Command line tool usage

Rahti 2 can be used via the command line either with OpenShift's oc tool or with the kubectl tool from Kubernetes. Certain features specific to OpenShift are only available when using the oc tool.

How to install the oc tool

The oc tool is a single binary that only needs to be included in your path. You may download it from the Getting started with the OpenShift CLI page in OpenShift's documentation. Follow the detailed instructions in the link.

In order to test that it was properly installed, open a new terminal, go to any folder, and run:

$ oc --help

It should show the list of all available commands.

The "Command Line Tools" page in the OpenShift web UI

Instructions for downloading the oc tool including the download link for several platforms and operating systems can be found in the "Command Line Tools" page in the web interface:

Command line tools

after clicking you will be welcomed with:

OpenShift Command Line Tools page

How to login with oc?

The oc login command to login can be found in the dropdown menu next to your name. There is a button next to it for copying the command to the clipboard. Copy the command and paste it in a terminal to start using OpenShift via the command line. The command looks like:

oc login --token=<secret access token>

This command can be obtained by clicking your username and "Copy Login Command" in the web console:

copy login


If you open multiple terminals, the login session for oc will be active in all of them.

How to login in the registry?

In order to use Rahti 2 internal container registry, it is necessary to login separately. Once you login, it is possible to use the client docker to pull and push from Rahti 2's registry.

Using personal account

After login with oc, it is possible to use the command to generate a token (oc whoami -t):

docker login -p $(oc whoami -t ) -u unused

Using a service account token

Rahti 2 also offers the opportunity of using an internal service account to interact with the registry. This is recommended for automated procedures like a CI pipeline. Even though by default 3 internal service accounts are created in every Rahti 2 namespace: builder, default and deployer, it is recommended to create a dedicated internal service account and assign to it the system:image-pusher role.

oc create serviceaccount pusher
oc policy add-role-to-user system:image-pusher pusher
docker login -p $(oc sa get-token pusher) -u unused

This service account token, the one you get with oc sa get-token pusher does not expire.

CLI cheat sheet

Basic usage:

oc <command> <--flags>
oc help <command>


Show projects:

oc projects

Switch to project my-project:

oc project my-project

Show all pods in the current namespace:

oc get pods

Show all pods in the namespace <my-other-name-space>:

oc get pods -n <my-other-namespace>

Show all pods that have the key-value pair app: myapp in metadata.labels:

oc get pods --selector app=myapp

Print the specifications of the pod mypod

oc get pod mypod -o yaml

Other useful commands

  • oc create creates an object. Example: oc create -f file.yaml
  • oc replace replaces an object. Example: oc replace -f file.yaml
  • oc delete deletes an object in OpenShift. Example: oc delete rc myreplicationcontroller
  • oc apply modifies an object according to the input. Example oc apply -f file.yaml
  • oc explain prints out the API documentation. Example: oc explain dc.spec
  • oc edit loads an object from the API to the local editor chosen by the $EDITOR environment variable. Example: oc edit DeploymentConfig mydc


Object types have abbreviations that are recognized in the CLI:

Abbreviation Meaning
is ImageStream
dc DeploymentConfig
svc Service
bc BuildConfig
rc ReplicationController
pvc PersistentVolumeClaim

Further documentation

See the official documentation for more information about using the command line interface:

Last update: March 13, 2024