# Installing on OpenShift Running Akamas on OpenShift requires some Helm configurations to be applied. The installation is provided as a set of templates packaged in a chart archive managed by [Helm](https://helm.sh/). Custom values are applied to ensure Akamas complies with the default `restricted-v2` security context constraints. ## OpenShift requirements OpenShift version 4.x. {% hint style="info" %} Before proceeding with the installation make sure you meet the [Kubernetes requirements](/akamas-docs/installing/kubernetes/prerequisites.md) {% endhint %} ## Installation The installation can be done offline and online as described in the section [Install Akamas](/akamas-docs/installing/kubernetes/install-akamas.md). Choose the one that better suits your cluster access policies. The following snippet must be added to the `akamas.yaml` to install Akamas on OpenShift. {% code title="akamas.yaml" %} ```yaml airflow: uid: null gid: null postgresql: primary: containerSecurityContext: enabled: false podSecurityContext: enabled: false shmVolume: enabled: false kibana: podSecurityContext: fsGroup: null securityContext: runAsUser: null elasticsearch: sysctlInitContainer: enabled: false securityContext: runAsUser: null podSecurityContext: fsGroup: null runAsUser: null ``` {% endcode %} ## Access Akamas - Ingress to route Besides the methods described in [Accessing Akamas](/akamas-docs/installing/kubernetes/accessing-akamas.md), you can use the OpenShift default ingress controller to create the required routes. Add the following snippet to the `akamas.yaml` file. {% code title="akamas.yaml" %} ```yaml ingress: enabled: true annotations: route.openshift.io/termination: edge haproxy.router.openshift.io/timeout: 1200s className: "" tls: - {} ``` {% endcode %} Once the Helm command is invoked, ensure the routes have been created by running: ``` oc get routes ``` The output must list the Akamas routes with different paths. ### Toolbox The toolbox optional component requires privileged access to run on OpenShift; the toolbox uses a dedicated service account, named `toolbox` by default. You can grant privileged access by issuing the following command. ```bash #This command assumes the akamas namespace is named "akamas" # and the service account default name "toolbox" is used oc adm policy add-scc-to-user privileged system:serviceaccount:akamas:toolbox ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.akamas.io/akamas-docs/installing/kubernetes/installing-on-openshift.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.