mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
Updating control plane config
This commit is contained in:
Jeana Routh
committed by
openshift-cherrypick-robot
openshift-cherrypick-robot
parent
d62a915f17
commit
1283a22ed7
@@ -1980,8 +1980,8 @@ Topics:
|
||||
File: cpmso-getting-started
|
||||
- Name: Control Plane Machine Set Operator configuration
|
||||
File: cpmso-configuration
|
||||
#- Name: Using the Control Plane Machine Set Operator
|
||||
# File: cpmso-using
|
||||
- Name: Using the Control Plane Machine Set Operator
|
||||
File: cpmso-using
|
||||
- Name: Control plane resiliency and recovery
|
||||
File: cpmso-resiliency
|
||||
#- Name: Troubleshooting the Control Plane Machine Set Operator
|
||||
|
||||
@@ -10,11 +10,17 @@ These example YAML file and snippets demonstrate the base structure for a contro
|
||||
|
||||
//Sample YAML for a control plane machine set custom resource
|
||||
include::modules/cpmso-yaml-sample-cr.adoc[leveloffset=+1]
|
||||
////
|
||||
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
* xr@f:../../machine_management/control_plane_machine_management/cpmso-using.adoc#cpmso-feat-config-update_cpmso-using[Updating the control plane configuration]
|
||||
////
|
||||
* xref:../../machine_management/control_plane_machine_management/cpmso-getting-started.adoc#cpmso-getting-started[Getting started with the Control Plane Machine Set Operator]
|
||||
|
||||
* xref:../../machine_management/control_plane_machine_management/cpmso-using.adoc#cpmso-feat-config-update_cpmso-using[Updating the control plane configuration]
|
||||
|
||||
[discrete]
|
||||
[id="cpmso-sample-yaml-provider-specific_{context}"]
|
||||
=== Provider-specific configuration
|
||||
|
||||
The `<platform_failure_domains>` and `<platform_provider_spec>` sections of the control plane machine set resources are provider-specific. Refer to the example YAML for your cluster:
|
||||
|
||||
* xref:../../machine_management/control_plane_machine_management/cpmso-configuration.adoc#cpmso-sample-yaml-aws_cpmso-configuration[Sample YAML snippets for configuring Amazon Web Services clusters]
|
||||
@@ -35,6 +41,10 @@ include::modules/cpmso-yaml-failure-domain-aws.adoc[leveloffset=+2]
|
||||
//Sample AWS provider specification
|
||||
include::modules/cpmso-yaml-provider-spec-aws.adoc[leveloffset=+2]
|
||||
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
* xref:../../machine_management/control_plane_machine_management/cpmso-using.adoc#cpmso-supported-features-aws_cpmso-using[Enabling Amazon Web Services features for control plane machines]
|
||||
|
||||
[id="cpmso-sample-yaml-azure_{context}"]
|
||||
== Sample YAML for configuring Microsoft Azure clusters
|
||||
|
||||
@@ -46,6 +56,10 @@ include::modules/cpmso-yaml-failure-domain-azure.adoc[leveloffset=+2]
|
||||
//Sample Azure provider specification
|
||||
include::modules/cpmso-yaml-provider-spec-azure.adoc[leveloffset=+2]
|
||||
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
* xref:../../machine_management/control_plane_machine_management/cpmso-using.adoc#cpmso-supported-features-azure_cpmso-using[Enabling Microsoft Azure features for control plane machines]
|
||||
|
||||
[id="cpmso-sample-yaml-vsphere_{context}"]
|
||||
== Sample YAML for configuring VMware vSphere clusters
|
||||
|
||||
|
||||
@@ -6,13 +6,71 @@ include::_attributes/common-attributes.adoc[]
|
||||
|
||||
toc::[]
|
||||
|
||||
The Control Plane Machine Set Operator automates the following capabilities:
|
||||
The Control Plane Machine Set Operator automates several essential aspects of control plane management.
|
||||
|
||||
//Vertical resizing of the control plane
|
||||
include::modules/cpmso-feat-vertical-resize.adoc[leveloffset=+1]
|
||||
//include::modules/cpmso-feat-vertical-resize.adoc[leveloffset=+1]
|
||||
|
||||
//Updating the control plane configuration
|
||||
include::modules/cpmso-feat-config-update.adoc[leveloffset=+1]
|
||||
|
||||
//Automatically updating the control plane configuration
|
||||
include::modules/cpmso-feat-auto-update.adoc[leveloffset=+2]
|
||||
|
||||
//Testing changes to the control plane configuration
|
||||
include::modules/cpmso-feat-test-changes.adoc[leveloffset=+2]
|
||||
|
||||
[id="cpmso-supported-features-aws_{context}"]
|
||||
== Enabling Amazon Web Services features for control plane machines
|
||||
|
||||
You can enable Amazon Web Services (AWS) features on control plane machines by changing the configuration of your control plane machine set. When you save an update to the control plane machine set, the Control Plane Machine Set Operator updates the control plane machines according to your configured update strategy.
|
||||
|
||||
//Machine sets that enable the Amazon EC2 Instance Metadata Service
|
||||
include::modules/machineset-imds-options.adoc[leveloffset=+2]
|
||||
|
||||
//Creating machines that use the Amazon EC2 Instance Metadata Service
|
||||
include::modules/machineset-creating-imds-options.adoc[leveloffset=+3]
|
||||
|
||||
//Machine sets that deploy machines as Dedicated Instances
|
||||
include::modules/machineset-dedicated-instances.adoc[leveloffset=+2]
|
||||
|
||||
//Creating Dedicated Instances by using machine sets
|
||||
include::modules/machineset-creating-dedicated-instances.adoc[leveloffset=+3]
|
||||
|
||||
[id="cpmso-supported-features-azure_{context}"]
|
||||
== Enabling Microsoft Azure features for control plane machines
|
||||
|
||||
You can enable Microsoft Azure features on control plane machines by changing the configuration of your control plane machine set. When you save an update to the control plane machine set, the Control Plane Machine Set Operator updates the control plane machines according to your configured update strategy.
|
||||
|
||||
//Selecting an Azure Marketplace image
|
||||
include::modules/installation-azure-marketplace-subscribe.adoc[leveloffset=+2]
|
||||
|
||||
//Enabling Azure boot diagnostics
|
||||
include::modules/machineset-azure-boot-diagnostics.adoc[leveloffset=+2]
|
||||
|
||||
//Machine sets that deploy machines on ultra disks as data disks
|
||||
include::modules/machineset-azure-ultra-disk.adoc[leveloffset=+2]
|
||||
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
* link:https://docs.microsoft.com/en-us/azure/virtual-machines/disks-types#ultra-disks[Microsoft Azure ultra disks documentation]
|
||||
|
||||
//Creating machines on ultra disks by using machine sets
|
||||
include::modules/machineset-creating-azure-ultra-disk.adoc[leveloffset=+3]
|
||||
|
||||
//Troubleshooting resources for machine sets that enable ultra disks
|
||||
include::modules/machineset-troubleshooting-azure-ultra-disk.adoc[leveloffset=+3]
|
||||
|
||||
//Enabling customer-managed encryption keys for a machine set
|
||||
include::modules/machineset-customer-managed-encryption-azure.adoc[leveloffset=+2]
|
||||
|
||||
// Accelerated Networking for Microsoft Azure VMs
|
||||
include::modules/machineset-azure-accelerated-networking.adoc[leveloffset=+2]
|
||||
|
||||
//Not applicable for 4.12, possibly 4.13?
|
||||
//[role="_additional-resources"]
|
||||
//.Additional resources
|
||||
//* xref:../../installing/installing_azure/installing-azure-customizations.adoc#machineset-azure-enabling-accelerated-networking-new-install_installing-azure-customizations[Enabling Accelerated Networking during installation]
|
||||
|
||||
// Enabling Accelerated Networking on an existing Microsoft Azure cluster
|
||||
include::modules/machineset-azure-enabling-accelerated-networking-existing.adoc[leveloffset=+3]
|
||||
|
||||
@@ -29,7 +29,7 @@ include::modules/machineset-creating-imds-options.adoc[leveloffset=+2]
|
||||
//Machine sets that deploy machines as Dedicated Instances
|
||||
include::modules/machineset-dedicated-instances.adoc[leveloffset=+1]
|
||||
|
||||
//Creating Dedicated Instances by using compute machine sets
|
||||
//Creating Dedicated Instances by using machine sets
|
||||
include::modules/machineset-creating-dedicated-instances.adoc[leveloffset=+2]
|
||||
|
||||
//Machine sets that deploy machines as Spot Instances
|
||||
|
||||
@@ -23,7 +23,7 @@ include::modules/machineset-creating.adoc[leveloffset=+1]
|
||||
//Selecting an Azure Marketplace image
|
||||
include::modules/installation-azure-marketplace-subscribe.adoc[leveloffset=+1]
|
||||
|
||||
//Enabling Azure boot diagnostics on compute machines
|
||||
//Enabling Azure boot diagnostics
|
||||
include::modules/machineset-azure-boot-diagnostics.adoc[leveloffset=+1]
|
||||
|
||||
//Machine sets that deploy machines as Spot VMs
|
||||
@@ -47,13 +47,13 @@ include::modules/machineset-azure-ultra-disk.adoc[leveloffset=+1]
|
||||
* xref:../../storage/container_storage_interface/persistent-storage-csi-azure.adoc#machineset-azure-ultra-disk_persistent-storage-csi-azure[Machine sets that deploy machines on ultra disks using CSI PVCs]
|
||||
* xref:../../storage/persistent_storage/persistent-storage-azure.adoc#machineset-azure-ultra-disk_persistent-storage-azure[Machine sets that deploy machines on ultra disks using in-tree PVCs]
|
||||
|
||||
//Creating machines on ultra disks by using compute machine sets
|
||||
//Creating machines on ultra disks by using machine sets
|
||||
include::modules/machineset-creating-azure-ultra-disk.adoc[leveloffset=+2]
|
||||
|
||||
//Troubleshooting resources for compute machine sets that enable ultra disks
|
||||
//Troubleshooting resources for machine sets that enable ultra disks
|
||||
include::modules/machineset-troubleshooting-azure-ultra-disk.adoc[leveloffset=+2]
|
||||
|
||||
//Enabling customer-managed encryption keys for a compute machine set
|
||||
//Enabling customer-managed encryption keys for a machine set
|
||||
include::modules/machineset-customer-managed-encryption-azure.adoc[leveloffset=+1]
|
||||
|
||||
// Accelerated Networking for Microsoft Azure VMs
|
||||
|
||||
13
modules/cpmso-feat-auto-update.adoc
Normal file
13
modules/cpmso-feat-auto-update.adoc
Normal file
@@ -0,0 +1,13 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: CONCEPT
|
||||
[id="cpmso-feat-auto-update_{context}"]
|
||||
= Automatically updating the control plane configuration
|
||||
|
||||
You can use the `RollingUpdate` update strategy to automatically propagate changes to your control plane configuration.
|
||||
|
||||
For clusters that use the default `RollingUpdate` update strategy, the Operator creates a replacement control plane machine with the configuration that is specified in the CR. When the replacement control plane machine is ready, the Operator deletes the control plane machine that is marked for replacement. The replacement machine then joins the control plane.
|
||||
|
||||
If multiple control plane machines are marked for replacement, the Operator repeats this replacement process one machine at a time until each machine is replaced.
|
||||
@@ -1,7 +1,39 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/cpmso-about.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: CONCEPT
|
||||
:_content-type: PROCEDURE
|
||||
[id="cpmso-feat-config-update_{context}"]
|
||||
= Updating the control plane configuration
|
||||
= Updating the control plane configuration
|
||||
|
||||
You can make changes to the configuration of the machines in the control plane by updating the specification in the control plane machine set custom resource (CR).
|
||||
|
||||
The Control Plane Machine Set Operator monitors the control plane machines and compares their configuration with the specification in the control plane machine set CR. When there is a discrepancy between the specification in the CR and the configuration of a control plane machine, the Operator marks that control plane machine for replacement.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
For more information about the parameters in the CR, see "Control Plane Machine Set Operator configuration".
|
||||
====
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* Your cluster has an activated and functioning Control Plane Machine Set Operator.
|
||||
|
||||
.Procedure
|
||||
|
||||
. Edit your control plane machine set CR by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc --namespace openshift-machine-api edit controlplanemachineset.machine.openshift.io cluster
|
||||
----
|
||||
|
||||
. Change the values of any fields that you want to update in your cluster configuration.
|
||||
|
||||
. Save your changes.
|
||||
|
||||
.Next steps
|
||||
|
||||
* For clusters that use the default `RollingUpdate` update strategy, the Operator automatically propagates the changes to your control plane configuration.
|
||||
|
||||
* For clusters that are configured to use the `OnDelete` update strategy, you must replace your control plane machines manually.
|
||||
@@ -1,7 +1,13 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/cpmso-about.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: CONCEPT
|
||||
[id="cpmso-feat-test-changes_{context}"]
|
||||
= Testing changes to the control plane configuration
|
||||
= Testing changes to the control plane configuration
|
||||
|
||||
You can use the `OnDelete` update strategy to test changes to your control plane configuration. With this update strategy, you replace control plane machines manually. Manually replacing machines allows you to test changes to your configuration on a single machine before applying the changes more broadly.
|
||||
|
||||
For clusters that are configured to use the `OnDelete` update strategy, the Operator creates a replacement control plane machine when you delete an existing machine. When the replacement control plane machine is ready, the etcd Operator allows the existing machine to be deleted. The replacement machine then joins the control plane.
|
||||
|
||||
If multiple control plane machines are deleted, the Operator creates all of the required replacement machines simultaneously.
|
||||
@@ -57,7 +57,7 @@ providerSpec:
|
||||
userDataSecret:
|
||||
name: master-user-data <12>
|
||||
----
|
||||
<1> Specifies the Amazon Machine Images (AMI) ID for the cluster. The AMI must belong to the same region as the cluster.
|
||||
<1> Specifies the {op-system-first} Amazon Machine Images (AMI) ID for the cluster. The AMI must belong to the same region as the cluster. If you want to use an AWS Marketplace image, you must complete the {product-title} subscription from the link:https://aws.amazon.com/marketplace/fulfillment?productId=59ead7de-2540-4653-a8b0-fa7926d5c845[AWS Marketplace] to obtain an AMI ID for your region.
|
||||
<2> Specifies the configuration of an encrypted EBS volume.
|
||||
<3> Specifies the secret name for the cluster. Do not change this value.
|
||||
<4> Specifies the AWS Identity and Access Management (IAM) instance profile. Do not change this value.
|
||||
|
||||
@@ -56,8 +56,7 @@ $ oc get -o jsonpath='{.status.infrastructureName}{"\n"}' infrastructure cluster
|
||||
====
|
||||
Before you activate the Operator, you must ensure that the `ControlPlaneMachineSet` CR configuration is correct for your cluster requirements. For more information about activating the Control Plane Machine Set Operator, see "Getting started with the Control Plane Machine Set Operator".
|
||||
====
|
||||
<5> Specifies the update strategy for the cluster. The allowed values are `OnDelete` and `RollingUpdate`. The default value is `RollingUpdate`.
|
||||
//For more information about update strategies, see "Updating the control plane configuration".
|
||||
<5> Specifies the update strategy for the cluster. The allowed values are `OnDelete` and `RollingUpdate`. The default value is `RollingUpdate`. For more information about update strategies, see "Updating the control plane configuration".
|
||||
<6> Specifies the cloud provider platform name. Do not change this value.
|
||||
<7> Specifies the `<platform_failure_domains>` configuration for the cluster. The format and values of this section are provider-specific. For more information, see the sample failure domain configuration for your cloud provider.
|
||||
+
|
||||
|
||||
@@ -3,6 +3,7 @@
|
||||
// * installing/installing_aws/installing-azure-customizations.adoc
|
||||
// * installing/installing_aws/installing-azure-user-infra.adoc
|
||||
// * machine_management/creating-machineset-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "installing-azure-customizations"]
|
||||
:ipi:
|
||||
@@ -13,6 +14,9 @@ endif::[]
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
|
||||
//mpytlak: The procedure differs depending on whether this module is used in an IPI or UPI assembly.
|
||||
//jrouth: Also some variations for when it appears in the machine management content (`mapi`).
|
||||
@@ -24,11 +28,12 @@ ifndef::mapi[]
|
||||
If you are deploying an {product-title} cluster using the Azure Marketplace offering, you must first obtain the Azure Marketplace image. The installation program uses this image to deploy worker nodes. When obtaining your image, consider the following:
|
||||
endif::mapi[]
|
||||
ifdef::mapi[]
|
||||
You can create a compute machine set running on Azure that deploys machines that use the Azure Marketplace offering. To use this offering, you must first obtain the Azure Marketplace image. When obtaining your image, consider the following:
|
||||
You can create a machine set running on Azure that deploys machines that use the Azure Marketplace offering. To use this offering, you must first obtain the Azure Marketplace image. When obtaining your image, consider the following:
|
||||
endif::mapi[]
|
||||
|
||||
* While the images are the same, the Azure Marketplace publisher is different depending on your region. If you are located in North America, specify `redhat` as the publisher. If you are located in EMEA, specify `redhat-limited` as the publisher.
|
||||
* The offer includes a `rh-ocp-worker` SKU and a `rh-ocp-worker-gen1` SKU. The `rh-ocp-worker` SKU represents a Hyper-V generation version 2 VM image. The default instance types used in {product-title} are version 2 compatible. If you are going to use an instance type that is only version 1 compatible, use the image associated with the `rh-ocp-worker-gen1` SKU. The `rh-ocp-worker-gen1` SKU represents a Hyper-V version 1 VM image.
|
||||
* The offer includes a `rh-ocp-worker` SKU and a `rh-ocp-worker-gen1` SKU. The `rh-ocp-worker` SKU represents a Hyper-V generation version 2 VM image. The default instance types used in {product-title} are version 2 compatible. If you plan to use an instance type that is only version 1 compatible, use the image associated with the `rh-ocp-worker-gen1` SKU. The `rh-ocp-worker-gen1` SKU represents a Hyper-V version 1 VM image.
|
||||
//What happens with control plane machines? "worker" SKU seems incorrect
|
||||
|
||||
.Prerequisites
|
||||
|
||||
@@ -38,13 +43,15 @@ endif::mapi[]
|
||||
.Procedure
|
||||
|
||||
. Display all of the available {product-title} images by running one of the following commands:
|
||||
** North America:
|
||||
+
|
||||
--
|
||||
** North America:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ az vm image list --all --offer rh-ocp-worker --publisher redhat -o table
|
||||
----
|
||||
+
|
||||
.Example output
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -53,14 +60,13 @@ Offer Publisher Sku Urn
|
||||
rh-ocp-worker RedHat rh-ocp-worker RedHat:rh-ocp-worker:rh-ocpworker:4.8.2021122100 4.8.2021122100
|
||||
rh-ocp-worker RedHat rh-ocp-worker-gen1 RedHat:rh-ocp-worker:rh-ocp-worker-gen1:4.8.2021122100 4.8.2021122100
|
||||
----
|
||||
--
|
||||
** EMEA:
|
||||
+
|
||||
--
|
||||
[source,terminal]
|
||||
----
|
||||
$ az vm image list --all --offer rh-ocp-worker --publisher redhat-limited -o table
|
||||
----
|
||||
+
|
||||
.Example output
|
||||
[source,terminal]
|
||||
----
|
||||
@@ -70,11 +76,10 @@ rh-ocp-worker redhat-limited rh-ocp-worker redhat-limited:rh-ocp-worker:
|
||||
rh-ocp-worker redhat-limited rh-ocp-worker-gen1 redhat-limited:rh-ocp-worker:rh-ocp-worker-gen1:4.8.2021122100 4.8.2021122100
|
||||
----
|
||||
--
|
||||
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
Regardless of the version of {product-title} you are installing, the correct version of the Azure Marketplace image to use is 4.8.x. If required, as part of the installation process, your VMs are automatically upgraded.
|
||||
Regardless of the version of {product-title} that you install, the correct version of the Azure Marketplace image to use is 4.8. If required, your VMs are automatically upgraded as part of the installation process.
|
||||
====
|
||||
. Inspect the image for your offer by running one of the following commands:
|
||||
** North America:
|
||||
@@ -147,9 +152,9 @@ compute:
|
||||
----
|
||||
endif::ipi[]
|
||||
ifdef::mapi[]
|
||||
. Add the following parameters to the `providerSpec` section of your compute machine set YAML file using the image details for your offer:
|
||||
. Add the following parameters to the `providerSpec` section of your machine set YAML file using the image details for your offer:
|
||||
+
|
||||
.Sample `providerSpec` image values for Azure Marketplace compute machines
|
||||
.Sample `providerSpec` image values for Azure Marketplace machines
|
||||
[source,yaml]
|
||||
----
|
||||
providerSpec:
|
||||
@@ -162,6 +167,7 @@ providerSpec:
|
||||
type: MarketplaceWithPlan
|
||||
version: 4.8.2021122100
|
||||
----
|
||||
//offer also has "worker"
|
||||
endif::mapi[]
|
||||
|
||||
ifeval::["{context}" == "installing-azure-customizations"]
|
||||
@@ -173,3 +179,6 @@ endif::[]
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
@@ -1,11 +1,21 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:compute:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:cpmso:
|
||||
endif::[]
|
||||
|
||||
[id="machineset-azure-accelerated-networking_{context}"]
|
||||
= Accelerated Networking for Microsoft Azure VMs
|
||||
|
||||
Accelerated Networking uses single root I/O virtualization (SR-IOV) to provide Microsoft Azure VMs with a more direct path to the switch. This enhances network performance. This feature can be enabled during or after installation.
|
||||
Accelerated Networking uses single root I/O virtualization (SR-IOV) to provide Microsoft Azure VMs with a more direct path to the switch. This enhances network performance. This feature can be enabled
|
||||
ifdef::compute[during or ]
|
||||
after installation.
|
||||
|
||||
[id="machineset-azure-accelerated-networking-limits_{context}"]
|
||||
== Limitations
|
||||
@@ -14,6 +24,19 @@ Consider the following limitations when deciding whether to use Accelerated Netw
|
||||
|
||||
* Accelerated Networking is only supported on clusters where the Machine API is operational.
|
||||
|
||||
* Although the minimum requirement for an Azure worker node is two vCPUs, Accelerated Networking requires an Azure VM size that includes at least four vCPUs. To satisfy this requirement, you can change the value of `vmSize` in your compute machine set. For information about Azure VM sizes, see link:https://docs.microsoft.com/en-us/azure/virtual-machines/sizes[Microsoft Azure documentation].
|
||||
* {empty}
|
||||
+
|
||||
ifdef::compute[Although the minimum requirement for an Azure worker node is two vCPUs, ]
|
||||
Accelerated Networking requires an Azure VM size that includes at least four vCPUs. To satisfy this requirement, you can change the value of `vmSize` in your machine set. For information about Azure VM sizes, see link:https://docs.microsoft.com/en-us/azure/virtual-machines/sizes[Microsoft Azure documentation].
|
||||
|
||||
//iiuc, this is not true for control planes since the operator will roll out changes according to the update strategy
|
||||
ifdef::compute[]
|
||||
* When this feature is enabled on an existing Azure cluster, only newly provisioned nodes are affected. Currently running nodes are not reconciled. To enable the feature on all nodes, you must replace each existing machine. This can be done for each machine individually, or by scaling the replicas down to zero, and then scaling back up to your desired number of replicas.
|
||||
endif::compute[]
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!compute:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!cpmso:
|
||||
endif::[]
|
||||
@@ -2,6 +2,7 @@
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure-stack-hub.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure-stack-hub"]
|
||||
:ash:
|
||||
@@ -9,9 +10,9 @@ endif::[]
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-azure-boot-diagnostics_{context}"]
|
||||
= Enabling Azure boot diagnostics on compute machines
|
||||
= Enabling Azure boot diagnostics
|
||||
|
||||
You can enable boot diagnostics on Azure machines that your compute machine set creates.
|
||||
You can enable boot diagnostics on Azure machines that your machine set creates.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
@@ -21,7 +22,7 @@ cluster.
|
||||
|
||||
.Procedure
|
||||
|
||||
* Add the `diagnostics` configuration that is applicable to your storage type to the `providerSpec` field in your compute machine set YAML file:
|
||||
* Add the `diagnostics` configuration that is applicable to your storage type to the `providerSpec` field in your machine set YAML file:
|
||||
|
||||
** For an Azure Managed storage account:
|
||||
+
|
||||
@@ -57,7 +58,7 @@ Only the Azure Blob Storage data service is supported.
|
||||
|
||||
.Verification
|
||||
|
||||
* On the Microsoft Azure portal, review the *Boot diagnostics* page for a machine deployed by the compute machine set, and verify that you can see the serial logs for the machine.
|
||||
* On the Microsoft Azure portal, review the *Boot diagnostics* page for a machine deployed by the machine set, and verify that you can see the serial logs for the machine.
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure-stack-hub"]
|
||||
:!ash:
|
||||
|
||||
@@ -1,19 +1,28 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:compute:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:cpmso:
|
||||
endif::[]
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-azure-enabling-accelerated-networking-existing_{context}"]
|
||||
= Enabling Accelerated Networking on an existing Microsoft Azure cluster
|
||||
|
||||
You can enable Accelerated Networking on Azure by adding `acceleratedNetworking` to your compute machine set YAML file.
|
||||
You can enable Accelerated Networking on Azure by adding `acceleratedNetworking` to your machine set YAML file.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
* Have an existing Microsoft Azure cluster where the Machine API is operational.
|
||||
|
||||
.Procedure
|
||||
|
||||
////
|
||||
//Trying to move towards a more streamlined approach, but leaving this in in case needed
|
||||
. List the compute machine sets in your cluster by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
@@ -42,23 +51,33 @@ $ oc edit machineset <machine-set-name>
|
||||
----
|
||||
|
||||
.. Add the following to the `providerSpec` field:
|
||||
////
|
||||
* Add the following to the `providerSpec` field:
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
providerSpec:
|
||||
value:
|
||||
...
|
||||
acceleratedNetworking: true <1>
|
||||
...
|
||||
vmSize: <azure-vm-size> <2>
|
||||
...
|
||||
----
|
||||
+
|
||||
<1> This line enables Accelerated Networking.
|
||||
<2> Specify an Azure VM size that includes at least four vCPUs. For information about VM sizes, see link:https://docs.microsoft.com/en-us/azure/virtual-machines/sizes[Microsoft Azure documentation].
|
||||
|
||||
. To enable the feature on currently running nodes, you must replace each existing machine. This can be done for each machine individually, or by scaling the replicas down to zero, and then scaling back up to your desired number of replicas.
|
||||
ifdef::compute[]
|
||||
.Next steps
|
||||
|
||||
* To enable the feature on currently running nodes, you must replace each existing machine. This can be done for each machine individually, or by scaling the replicas down to zero, and then scaling back up to your desired number of replicas.
|
||||
endif::compute[]
|
||||
|
||||
.Verification
|
||||
|
||||
* On the Microsoft Azure portal, review the *Networking* settings page for a machine provisioned by the compute machine set, and verify that the `Accelerated networking` field is set to `Enabled`.
|
||||
* On the Microsoft Azure portal, review the *Networking* settings page for a machine provisioned by the machine set, and verify that the `Accelerated networking` field is set to `Enabled`.
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!compute:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!cpmso:
|
||||
endif::[]
|
||||
@@ -3,10 +3,14 @@
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-csi-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:cpmso:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:pvc:
|
||||
endif::[]
|
||||
@@ -16,10 +20,10 @@ endif::[]
|
||||
|
||||
:_content-type: CONCEPT
|
||||
[id="machineset-azure-ultra-disk_{context}"]
|
||||
ifdef::mapi[= Machine sets that deploy machines with ultra disks as data disks]
|
||||
ifdef::mapi,cpmso[= Machine sets that deploy machines with ultra disks as data disks]
|
||||
ifdef::pvc[= Machine sets that deploy machines with ultra disks using PVCs]
|
||||
|
||||
You can create a compute machine set running on Azure that deploys machines with ultra disks. Ultra disks are high-performance storage that are intended for use with the most demanding data workloads.
|
||||
You can create a machine set running on Azure that deploys machines with ultra disks. Ultra disks are high-performance storage that are intended for use with the most demanding data workloads.
|
||||
|
||||
ifdef::mapi[]
|
||||
You can also create a persistent volume claim (PVC) that dynamically binds to a storage class backed by Azure ultra disks and mounts them to pods.
|
||||
@@ -37,6 +41,9 @@ endif::pvc[]
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!cpmso:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:!pvc:
|
||||
endif::[]
|
||||
|
||||
@@ -3,10 +3,14 @@
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-csi-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:cpmso:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:pvc:
|
||||
endif::[]
|
||||
@@ -14,11 +18,14 @@ ifeval::["{context}" == "persistent-storage-csi-azure"]
|
||||
:pvc:
|
||||
endif::[]
|
||||
|
||||
ifdef::mapi[:machine-role: worker]
|
||||
ifdef::cpmso[:machine-role: master]
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-creating-azure-ultra-disk_{context}"]
|
||||
= Creating machines with ultra disks by using compute machine sets
|
||||
= Creating machines with ultra disks by using machine sets
|
||||
|
||||
You can deploy machines with ultra disks on Azure by editing your compute machine set YAML file.
|
||||
You can deploy machines with ultra disks on Azure by editing your machine set YAML file.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
@@ -26,17 +33,17 @@ You can deploy machines with ultra disks on Azure by editing your compute machin
|
||||
|
||||
.Procedure
|
||||
|
||||
ifdef::mapi[]
|
||||
. Create a custom secret in the `openshift-machine-api` namespace using the worker data secret by running the following command:
|
||||
ifdef::mapi,cpmso[]
|
||||
. Create a custom secret in the `openshift-machine-api` namespace using the `{machine-role}` data secret by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc -n openshift-machine-api \
|
||||
get secret worker-user-data \
|
||||
--template='{{index .data.userData | base64decode}}' | jq > userData.txt
|
||||
get secret <role>-user-data \ <1>
|
||||
--template='{{index .data.userData | base64decode}}' | jq > userData.txt <2>
|
||||
----
|
||||
+
|
||||
where `userData.txt` is the name of the new custom secret.
|
||||
<1> Replace `<role>` with `{machine-role}`.
|
||||
<2> Specify `userData.txt` as the name of the new custom secret.
|
||||
|
||||
. In a text editor, open the `userData.txt` file and locate the final `}` character in the file.
|
||||
|
||||
@@ -78,7 +85,7 @@ where `userData.txt` is the name of the new custom secret.
|
||||
}
|
||||
----
|
||||
<1> The configuration details for the disk that you want to attach to a node as an ultra disk.
|
||||
<2> Specify the `lun` value that is defined in the `dataDisks` stanza of the compute machine set you are using. For example, if the compute machine set contains `lun: 0`, specify `lun0`. You can initialize multiple data disks by specifying multiple `"disks"` entries in this configuration file. If you specify multiple `"disks"` entries, ensure that the `lun` value for each matches the value in the compute machine set.
|
||||
<2> Specify the `lun` value that is defined in the `dataDisks` stanza of the machine set you are using. For example, if the machine set contains `lun: 0`, specify `lun0`. You can initialize multiple data disks by specifying multiple `"disks"` entries in this configuration file. If you specify multiple `"disks"` entries, ensure that the `lun` value for each matches the value in the machine set.
|
||||
<3> The configuration details for a new partition on the disk.
|
||||
<4> Specify a label for the partition. You might find it helpful to use hierarchical names, such as `lun0p1` for the first partition of `lun0`.
|
||||
<5> Specify the total size in MiB of the partition.
|
||||
@@ -90,22 +97,23 @@ where `userData.txt` is the name of the new custom secret.
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc -n openshift-machine-api get secret worker-user-data \
|
||||
$ oc -n openshift-machine-api get secret <role>-user-data \ <1>
|
||||
--template='{{index .data.disableTemplating | base64decode}}' | jq > disableTemplating.txt
|
||||
----
|
||||
<1> Replace `<role>` with `{machine-role}`.
|
||||
|
||||
. Combine the `userData.txt` file and `disableTemplating.txt` file to create a data secret file by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc -n openshift-machine-api create secret generic worker-user-data-x5 \
|
||||
$ oc -n openshift-machine-api create secret generic <role>-user-data-x5 \ <1>
|
||||
--from-file=userData=userData.txt \
|
||||
--from-file=disableTemplating=disableTemplating.txt
|
||||
----
|
||||
+
|
||||
where `worker-user-data-x5` is the name of the secret.
|
||||
endif::mapi[]
|
||||
<1> For `<role>-user-data-x5`, specify the name of the secret. Replace `<role>` with `{machine-role}`.
|
||||
endif::mapi,cpmso[]
|
||||
|
||||
ifndef::cpmso[]
|
||||
. Copy an existing Azure `MachineSet` custom resource (CR) and edit it by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
@@ -113,7 +121,7 @@ endif::mapi[]
|
||||
$ oc edit machineset <machine-set-name>
|
||||
----
|
||||
+
|
||||
where `<machine-set-name>` is the compute machine set that you want to provision machines with ultra disks.
|
||||
where `<machine-set-name>` is the machine set that you want to provision machines with ultra disks.
|
||||
|
||||
. Add the following lines in the positions indicated:
|
||||
+
|
||||
@@ -121,21 +129,14 @@ where `<machine-set-name>` is the compute machine set that you want to provision
|
||||
----
|
||||
apiVersion: machine.openshift.io/v1beta1
|
||||
kind: MachineSet
|
||||
...
|
||||
spec:
|
||||
...
|
||||
template:
|
||||
...
|
||||
spec:
|
||||
metadata:
|
||||
...
|
||||
labels:
|
||||
...
|
||||
disk: ultrassd <1>
|
||||
...
|
||||
providerSpec:
|
||||
value:
|
||||
...
|
||||
ultraSSDCapability: Enabled <2>
|
||||
ifdef::mapi[]
|
||||
dataDisks: <2>
|
||||
@@ -147,24 +148,68 @@ ifdef::mapi[]
|
||||
managedDisk:
|
||||
storageAccountType: UltraSSD_LRS
|
||||
userDataSecret:
|
||||
name: worker-user-data-x5 <3>
|
||||
name: <role>-user-data-x5 <3>
|
||||
endif::mapi[]
|
||||
...
|
||||
----
|
||||
+
|
||||
<1> Specify a label to use to select a node that is created by this compute machine set. This procedure uses `disk.ultrassd` for this value.
|
||||
<1> Specify a label to use to select a node that is created by this machine set. This procedure uses `disk.ultrassd` for this value.
|
||||
<2> These lines enable the use of ultra disks.
|
||||
ifdef::mapi[]
|
||||
For `dataDisks`, include the entire stanza.
|
||||
<3> Specify the user data secret created earlier.
|
||||
<3> Specify the user data secret created earlier. Replace `<role>` with `{machine-role}`.
|
||||
endif::mapi[]
|
||||
|
||||
. Create a compute machine set using the updated configuration by running the following command:
|
||||
. Create a machine set using the updated configuration by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc create -f <machine-set-name>.yaml
|
||||
----
|
||||
endif::cpmso[]
|
||||
|
||||
ifdef::cpmso[]
|
||||
. Edit your control plane machine set CR by running the following command:
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc --namespace openshift-machine-api edit controlplanemachineset.machine.openshift.io cluster
|
||||
----
|
||||
|
||||
. Add the following lines in the positions indicated:
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
apiVersion: machine.openshift.io/v1beta1
|
||||
kind: ControlPlaneMachineSet
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
metadata:
|
||||
labels:
|
||||
disk: ultrassd <1>
|
||||
providerSpec:
|
||||
value:
|
||||
ultraSSDCapability: Enabled <2>
|
||||
dataDisks: <2>
|
||||
- nameSuffix: ultrassd
|
||||
lun: 0
|
||||
diskSizeGB: 4
|
||||
deletionPolicy: Delete
|
||||
cachingType: None
|
||||
managedDisk:
|
||||
storageAccountType: UltraSSD_LRS
|
||||
userDataSecret:
|
||||
name: <role>-user-data-x5 <3>
|
||||
----
|
||||
<1> Specify a label to use to select a node that is created by this machine set. This procedure uses `disk.ultrassd` for this value.
|
||||
<2> These lines enable the use of ultra disks. For `dataDisks`, include the entire stanza.
|
||||
<3> Specify the user data secret created earlier. Replace `<role>` with `{machine-role}`.
|
||||
|
||||
. Save your changes.
|
||||
|
||||
** For clusters that use the default `RollingUpdate` update strategy, the Operator automatically propagates the changes to your control plane configuration.
|
||||
|
||||
** For clusters that are configured to use the `OnDelete` update strategy, you must replace your control plane machines manually.
|
||||
endif::cpmso[]
|
||||
|
||||
ifdef::pvc[]
|
||||
. Create a storage class that contains the following YAML definition:
|
||||
@@ -236,7 +281,7 @@ spec:
|
||||
persistentVolumeClaim:
|
||||
claimName: ultra-disk <2>
|
||||
----
|
||||
<1> Specify the label of the compute machine set that enables the use of ultra disks. This procedure uses `disk.ultrassd` for this value.
|
||||
<1> Specify the label of the machine set that enables the use of ultra disks. This procedure uses `disk.ultrassd` for this value.
|
||||
<2> This pod references the `ultra-disk` PVC.
|
||||
endif::pvc[]
|
||||
|
||||
@@ -262,7 +307,8 @@ In this command, `oc debug node/<node-name>` starts a debugging shell on the nod
|
||||
|
||||
.Next steps
|
||||
|
||||
* To use an ultra disk from within a pod, create workload that uses the mount point. Create a YAML file similar to the following example:
|
||||
ifndef::cpmso[]
|
||||
* To use an ultra disk from within a pod, create a workload that uses the mount point. Create a YAML file similar to the following example:
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
@@ -288,10 +334,18 @@ spec:
|
||||
nodeSelector:
|
||||
disktype: ultrassd
|
||||
----
|
||||
endif::cpmso[]
|
||||
|
||||
ifdef::cpmso[]
|
||||
* To use an ultra disk on the control plane, reconfigure your workload to use the control plane's ultra disk mount point.
|
||||
endif::cpmso[]
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!cpmso:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:!pvc:
|
||||
endif::[]
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-aws.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-creating-dedicated-instance_{context}"]
|
||||
= Creating Dedicated Instances by using compute machine sets
|
||||
= Creating Dedicated Instances by using machine sets
|
||||
|
||||
You can run a machine that is backed by a Dedicated Instance by using Machine API integration. Set the `tenancy` field in your compute machine set YAML file to launch a Dedicated Instance on AWS.
|
||||
You can run a machine that is backed by a Dedicated Instance by using Machine API integration. Set the `tenancy` field in your machine set YAML file to launch a Dedicated Instance on AWS.
|
||||
|
||||
.Procedure
|
||||
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-aws.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-creating-imds-options_{context}"]
|
||||
= Configuring IMDS by using compute machine sets
|
||||
= Configuring IMDS by using machine sets
|
||||
|
||||
You can specify whether to require the use of IMDSv2 by adding or editing the value of `metadataServiceOptions.authentication` in the compute machine set YAML file for your compute machines.
|
||||
You can specify whether to require the use of IMDSv2 by adding or editing the value of `metadataServiceOptions.authentication` in the machine set YAML file for your machines.
|
||||
|
||||
.Procedure
|
||||
* Add or edit the following lines under the `providerSpec` field:
|
||||
|
||||
@@ -2,14 +2,15 @@
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-gcp.adoc
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure-stack-hub.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
:_content-type: PROCEDURE
|
||||
[id="machineset-enabling-customer-managed-encryption-azure_{context}"]
|
||||
= Enabling customer-managed encryption keys for a compute machine set
|
||||
= Enabling customer-managed encryption keys for a machine set
|
||||
|
||||
You can supply an encryption key to Azure to encrypt data on managed disks at rest. You can enable server-side encryption with customer-managed keys by using the Machine API.
|
||||
|
||||
An Azure Key Vault, a disk encryption set, and an encryption key are required to use a customer-managed key. The disk encryption set must preside in a resource group where the Cloud Credential Operator (CCO) has granted permissions. If not, an additional reader role is required to be granted on the disk encryption set.
|
||||
An Azure Key Vault, a disk encryption set, and an encryption key are required to use a customer-managed key. The disk encryption set must be in a resource group where the Cloud Credential Operator (CCO) has granted permissions. If not, an additional reader role is required to be granted on the disk encryption set.
|
||||
|
||||
.Prerequisites
|
||||
|
||||
@@ -19,24 +20,20 @@ An Azure Key Vault, a disk encryption set, and an encryption key are required to
|
||||
|
||||
.Procedure
|
||||
|
||||
* Configure the disk encryption set under the `providerSpec` field in your compute machine set YAML file. For example:
|
||||
* Configure the disk encryption set under the `providerSpec` field in your machine set YAML file. For example:
|
||||
+
|
||||
[source,yaml]
|
||||
----
|
||||
...
|
||||
providerSpec:
|
||||
value:
|
||||
...
|
||||
osDisk:
|
||||
diskSizeGB: 128
|
||||
managedDisk:
|
||||
diskEncryptionSet:
|
||||
id: /subscriptions/<subscription_id>/resourceGroups/<resource_group_name>/providers/Microsoft.Compute/diskEncryptionSets/<disk_encryption_set_name>
|
||||
storageAccountType: Premium_LRS
|
||||
...
|
||||
----
|
||||
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* You can learn more about https://docs.microsoft.com/en-us/azure/virtual-machines/disk-encryption#customer-managed-keys[customer-managed keys] in the Azure documentation.
|
||||
* https://docs.microsoft.com/en-us/azure/virtual-machines/disk-encryption#customer-managed-keys[Azure documentation about customer-managed keys]
|
||||
@@ -1,10 +1,11 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-aws.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
[id="machineset-dedicated-instance_{context}"]
|
||||
= Machine sets that deploy machines as Dedicated Instances
|
||||
|
||||
You can create a compute machine set running on AWS that deploys machines as Dedicated Instances. Dedicated Instances run in a virtual private cloud (VPC) on hardware that is dedicated to a single customer. These Amazon EC2 instances are physically isolated at the host hardware level. The isolation of Dedicated Instances occurs even if the instances belong to different AWS accounts that are linked to a single payer account. However, other instances that are not dedicated can share hardware with Dedicated Instances if they belong to the same AWS account.
|
||||
You can create a machine set running on AWS that deploys machines as Dedicated Instances. Dedicated Instances run in a virtual private cloud (VPC) on hardware that is dedicated to a single customer. These Amazon EC2 instances are physically isolated at the host hardware level. The isolation of Dedicated Instances occurs even if the instances belong to different AWS accounts that are linked to a single payer account. However, other instances that are not dedicated can share hardware with Dedicated Instances if they belong to the same AWS account.
|
||||
|
||||
Instances with either public or dedicated tenancy are supported by the Machine API. Instances with public tenancy run on shared hardware. Public tenancy is the default tenancy. Instances with dedicated tenancy run on single-tenant hardware.
|
||||
|
||||
@@ -1,18 +1,28 @@
|
||||
// Module included in the following assemblies:
|
||||
//
|
||||
// * machine_management/creating_machinesets/creating-machineset-aws.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:cpmso:
|
||||
endif::[]
|
||||
|
||||
:_content-type: CONCEPT
|
||||
[id="machineset-imds-options_{context}"]
|
||||
= Machine set options for the Amazon EC2 Instance Metadata Service
|
||||
|
||||
You can use compute machine sets to create compute machines that use a specific version of the Amazon EC2 Instance Metadata Service (IMDS). Compute machine sets can create compute machines that allow the use of both IMDSv1 and link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html[IMDSv2] or compute machines that require the use of IMDSv2.
|
||||
You can use machine sets to create machines that use a specific version of the Amazon EC2 Instance Metadata Service (IMDS). Machine sets can create machines that allow the use of both IMDSv1 and link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html[IMDSv2] or machines that require the use of IMDSv2.
|
||||
|
||||
To change the IMDS configuration for existing compute machines, edit the compute machine set YAML file that manages those machines. To deploy new compute machines with your preferred IMDS configuration, create a compute machine set YAML file with the appropriate values.
|
||||
|
||||
The IMDS configuration for control plane machines is set during cluster installation. To change the control plane machine IMDS configuration, you must use the AWS CLI. For more information, see the AWS documentation about how to link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html#configuring-IMDS-existing-instances[Modify instance metadata options for existing instances].
|
||||
To change the IMDS configuration for existing machines, edit the machine set YAML file that manages those machines.
|
||||
ifndef::cpmso[]
|
||||
To deploy new compute machines with your preferred IMDS configuration, create a compute machine set YAML file with the appropriate values.
|
||||
endif::cpmso[]
|
||||
|
||||
[IMPORTANT]
|
||||
====
|
||||
Before configuring a compute machine set to create compute machines that require IMDSv2, ensure that any workloads that interact with the AWS metadata service support IMDSv2.
|
||||
Before configuring a machine set to create machines that require IMDSv2, ensure that any workloads that interact with the AWS metadata service support IMDSv2.
|
||||
====
|
||||
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!cpmso:
|
||||
endif::[]
|
||||
@@ -3,10 +3,14 @@
|
||||
// * machine_management/creating_machinesets/creating-machineset-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-azure.adoc
|
||||
// * storage/persistent_storage/persistent-storage-csi-azure.adoc
|
||||
// * machine_management/control_plane_machine_management/cpmso-using.adoc
|
||||
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:pvc:
|
||||
endif::[]
|
||||
@@ -16,7 +20,7 @@ endif::[]
|
||||
|
||||
:_content-type: REFERENCE
|
||||
[id="machineset-troubleshooting-azure-ultra-disk_{context}"]
|
||||
= Troubleshooting resources for compute machine sets that enable ultra disks
|
||||
= Troubleshooting resources for machine sets that enable ultra disks
|
||||
|
||||
Use the information in this section to understand and recover from issues you might encounter.
|
||||
|
||||
@@ -45,7 +49,7 @@ ifdef::mapi[]
|
||||
[id="ts-mapi-attach-misconfigure_{context}"]
|
||||
== Incorrect ultra disk configuration
|
||||
|
||||
If an incorrect configuration of the `ultraSSDCapability` parameter is specified in the compute machine set, the machine provisioning fails.
|
||||
If an incorrect configuration of the `ultraSSDCapability` parameter is specified in the machine set, the machine provisioning fails.
|
||||
|
||||
For example, if the `ultraSSDCapability` parameter is set to `Disabled`, but an ultra disk is specified in the `dataDisks` parameter, the following error message appears:
|
||||
|
||||
@@ -54,19 +58,19 @@ For example, if the `ultraSSDCapability` parameter is set to `Disabled`, but an
|
||||
StorageAccountType UltraSSD_LRS can be used only when additionalCapabilities.ultraSSDEnabled is set.
|
||||
----
|
||||
|
||||
* To resolve this issue, verify that your compute machine set configuration is correct.
|
||||
* To resolve this issue, verify that your machine set configuration is correct.
|
||||
|
||||
[id="ts-mapi-attach-unsupported_{context}"]
|
||||
== Unsupported disk parameters
|
||||
|
||||
If a region, availability zone, or instance size that is not compatible with ultra disks is specified in the compute machine set, the machine provisioning fails. Check the logs for the following error message:
|
||||
If a region, availability zone, or instance size that is not compatible with ultra disks is specified in the machine set, the machine provisioning fails. Check the logs for the following error message:
|
||||
|
||||
[source,terminal]
|
||||
----
|
||||
failed to create vm <machine_name>: failure sending request for machine <machine_name>: cannot create vm: compute.VirtualMachinesClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest" Message="Storage Account type 'UltraSSD_LRS' is not supported <more_information_about_why>."
|
||||
----
|
||||
|
||||
* To resolve this issue, verify that you are using this feature in a supported environment and that your compute machine set configuration is correct.
|
||||
* To resolve this issue, verify that you are using this feature in a supported environment and that your machine set configuration is correct.
|
||||
|
||||
[id="ts-mapi-delete_{context}"]
|
||||
== Unable to delete disks
|
||||
@@ -78,6 +82,9 @@ endif::mapi[]
|
||||
ifeval::["{context}" == "creating-machineset-azure"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "cpmso-using"]
|
||||
:!mapi:
|
||||
endif::[]
|
||||
ifeval::["{context}" == "persistent-storage-azure"]
|
||||
:!pvc:
|
||||
endif::[]
|
||||
|
||||
Reference in New Issue
Block a user