openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

TELCODOCS-1887: Adding section for IBI workflow

Browse Source
This commit is contained in:
Ronan Hennessy
2024-04-24 11:33:15 +01:00
committed by openshift-cherrypick-robot
parent 69f5e2b5a4
commit 168577ae81
27 changed files with 875 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
_topic_maps/_topic_map.yml
View File

@@ -3346,16 +3346,23 @@ Topics:
- Name: Performing an image-based upgrade for single-node OpenShift clusters using GitOps ZTP
File: ztp-image-based-upgrade
- Name: Image-based installation for single-node OpenShift
Dir: image-base-install
Dir: image_base_install
Distros: openshift-origin,openshift-enterprise
Topics:
- Name: Understanding image-based installation and deployment for single-node OpenShift
File: ibi-understanding-image-based-install
- Name: Preparing for a single-node OpenShift image-based installation
File: ibi-preparing-for-image-based-install
- Name: Installing single-node OpenShift using an image-based installation
- Name: Preinstalling single-node OpenShift using an image-based installation
File: ibi-factory-image-based-install
- Name: Deploying single-node OpenShift using the installation program
File: ibi-edge-image-based-install-standalone
- Name: Deploying single-node OpenShift clusters
Dir: ibi_deploying_sno_clusters
Distros: openshift-origin,openshift-enterprise
Topics:
- Name: Deploying managed single-node OpenShift using the IBI Operator
File: ibi-edge-image-based-install
- Name: Deploying single-node OpenShift using the installation program
File: ibi-edge-image-based-install-standalone
- Name: Day 2 operations for telco core CNF clusters
Dir: day_2_core_cnf_clusters
Distros: openshift-origin,openshift-enterprise

71
edge_computing/image-base-install/ibi-understanding-image-based-install.adoc
View File

@@ -1,71 +0,0 @@
:_mod-docs-content-type: ASSEMBLY
[id="ibi-image-based-install_overview"]
= Understanding an image-based installation and deployment for {sno} clusters
include::_attributes/common-attributes.adoc[]
:context: ibi-understanding-image-based-install
toc::[]
Image-based installations streamline the deployment process for {sno} clusters by significantly reducing installation and deployment times.
This approach enables the preinstallation of configured and validated instances of {sno} on target hosts. These preinstalled hosts can be rapidly reconfigured and deployed at the far edge of the network, including in disconnected environments, with minimal intervention.
[id="ibi-installation-deployment-overview"]
== Overview of image-based installation and deployment for {sno} clusters
Deploying infrastructure at the far edge of the network presents challenges for service providers with low bandwidth, high latency, and disconnected environments.
It is also costly and time-consuming to install and deploy {sno} clusters.
An image-based approach to installing and deploying {sno} clusters at the far edge of the network overcomes these challenges by separating the installation and deployment stages.
Imaged-based installation::
Preinstall multiple hosts with {sno} at a central site, such as a service depot or a factory.
Then, validate the base configuration for these hosts and leverage the image-based approach to perform reproducible factory installs at scale by using a single container image.
Image-based deployment::
Ship the preinstalled and validated hosts to a remote site and rapidly reconfigure and deploy the clusters in a matter of minutes by using a configuration image.
[id="ibi-installation-overview"]
=== Image-based installation for {sno} clusters
Using the {lcao}, you can generate an OCI container image that encapsulates an instance of a {sno} cluster. This image is derived from a dedicated cluster that you can configure with the target {product-title} version.
You can reference this image in a live installation ISO to consistently preinstall configured and validated instances of {sno} to multiple hosts. This approach enables the preparation of hosts at a central location, for example in a factory or service depot, before shipping the preinstalled hosts to a remote site for rapid reconfiguration and deployment.
The following is a high-level overview of the image-based installation process:
* Generate an image from a {sno} cluster.
* Use the `openshift-install` program to embed the seed image URL, and other installation artifacts, in a live installation ISO.
* Start the host using the live installation ISO to preinstall the host.
+
During this process, the `openshift-install` program installs {op-system-first} to the disk, pulls the image you generated, and precaches release container images to the disk.
* When the installation completes, the host is ready to ship to the remote site for rapid reconfiguration and deployment.
[id="ibi-deployment-overview"]
=== Image-based deployment for {sno} clusters
You can use the `openshift-install` program to configure and deploy a host that you preinstalled with an image-based installation. To configure the target host with site-specific details, you must create the following resources:
* The `install-config.yaml` installation manifest
* The `image-based-config.yaml` manifest
The `openshift-install` program uses these resources to generate a configuration ISO that you attach to the preinstalled target host to complete the deployment.
[id="ibi-installation-deployment-components"]
== Image-based installation and deployment components
The following content describes the components in an image-based installation and deployment.
Seed image:: OCI container image generated from a dedicated cluster with the target {product-title} version.
Seed cluster:: Dedicated {sno} cluster that you use to create a seed image and is deployed with the target {product-title} version.
{lcao}:: Generates the seed image, embeds the seed image URL in the live installation ISO, and reconfigures the host during remote site deployment.
`openshift-install` program:: Use the `openshift-install` program to manually create a configuration ISO. Attach the configuration ISO to a preinstalled host to complete the deployment.
include::modules/ibi-image-based-install-cluster-guide.adoc[leveloffset=+1]
include::modules/ibi-validated-software-versions.adoc[leveloffset=+1]

0
edge_computing/image-base-install/_attributes → edge_computing/image_base_install/_attributes
View File

14
edge_computing/image-base-install/ibi-factory-image-based-install.adoc → edge_computing/image_base_install/ibi-factory-image-based-install.adoc
View File

@@ -1,6 +1,6 @@
:_mod-docs-content-type: ASSEMBLY
[id="ibi-image-based-install_{context}"]
= About image-based installations for {sno} clusters
[id="ibi-factory-image-based-install"]
= About image-based installation for {sno}
include::_attributes/common-attributes.adoc[]
:context: ibi-factory-image-based-install
@@ -13,8 +13,8 @@ The installation program takes a seed image URL and other inputs, such as the re
The following are the high-level steps to preinstall a {sno} cluster using an image-based installation:
* Generate a seed image.
* Create a live installation ISO using the installation program.
* Start the host using the live installation ISO to preinstall the host.
* Create a live installation ISO using the `openshift-install` installation program.
* Boot the host using the live installation ISO to preinstall the host.
[role="_additional-resources"]
.Additional resources
@@ -23,7 +23,11 @@ The following are the high-level steps to preinstall a {sno} cluster using an im
include::modules/ibi-create-iso-for-bmh.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install-standalone.adoc#ibi-installer-configuration-config_ibi-edge-image-based-install[Reference specifications for the `image-based-installation-config.yaml` manifest]
include::modules/ibi-provision-install-iso-to-bmh.adoc[leveloffset=+1]
include::modules/ibi-installer-installation-config.adoc[leveloffset=+1]

11
edge_computing/image-base-install/ibi-preparing-for-image-based-install.adoc → edge_computing/image_base_install/ibi-preparing-for-image-based-install.adoc
View File

@@ -1,6 +1,6 @@
:_mod-docs-content-type: ASSEMBLY
[id="ibi-preparing-for-image-based-install_{context}"]
= Preparing for an image-based installation for {sno} clusters
[id="ibi-preparing-for-image-based-install"]
= Preparing for image-based installation for {sno} clusters
include::_attributes/common-attributes.adoc[]
:context: ibi-preparing-image-based-install
@@ -10,6 +10,11 @@ To prepare for an image-based installation for {sno} clusters, you must complete
* Create a seed image by using the {lcao}.
* Verify that all software components meet the required versions. For further information, see "Software prerequisites for an image-based installation and deployment".
[role="_additional-resources"]
.Additional resources
* xref:../../edge_computing/image_base_install/ibi-understanding-image-based-install.adoc#ztp-image-based-upgrade-prereqs_ibi-understanding-image-based-install[Software prerequisites for an image-based installation and deployment]
== Installing the {lcao}
Use the {lcao} to generate a seed image from a seed cluster. You can install the {lcao} using the {oc-first} or the web console.
@@ -22,4 +27,4 @@ include::modules/cnf-image-based-upgrade-shared-container-partition.adoc[levelof
include::modules/cnf-image-based-upgrade-seed-image-config.adoc[leveloffset=+1]
include::modules/cnf-image-based-upgrade-generate-seed-image.adoc[leveloffset=+1]
include::modules/cnf-image-based-upgrade-generate-seed-image.adoc[leveloffset=+1]

131
edge_computing/image_base_install/ibi-understanding-image-based-install.adoc Normal file
View File

@@ -0,0 +1,131 @@
:_mod-docs-content-type: ASSEMBLY
[id="ibi-understanding-image-based-install"]
= Understanding image-based installation and deployment for {sno}
include::_attributes/common-attributes.adoc[]
:context: ibi-understanding-image-based-install
toc::[]
Image-based installations significantly reduce the deployment time of {sno} clusters by streamlining the installation process.
This approach enables the preinstallation of configured and validated instances of {sno} on target hosts. These preinstalled hosts can be rapidly reconfigured and deployed at the far edge of the network, including in disconnected environments, with minimal intervention.
[NOTE]
====
To deploy a managed cluster using an imaged-based approach in combination with {ztp-first}, you can use the SiteConfig operator. For more information, see link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html-single/multicluster_engine_operator_with_red_hat_advanced_cluster_management/index#siteconfig-intro[SiteConfig operator].
====
[id="ibi-installation-deployment-overview_{context}"]
== Overview of image-based installation and deployment for {sno} clusters
Deploying infrastructure at the far edge of the network presents challenges for service providers with low bandwidth, high latency, and disconnected environments.
It is also costly and time-consuming to install and deploy {sno} clusters.
An image-based approach to installing and deploying {sno} clusters at the far edge of the network overcomes these challenges by separating the installation and deployment stages.
.Overview of an image-based installation and deployment for managed {sno} clusters
image::../images/711_OpenShift_IBI_Installation_high-level_0624.png[Overview of an image-based installation and deployment]
Imaged-based installation::
Preinstall multiple hosts with {sno} at a central site, such as a service depot or a factory.
Then, validate the base configuration for these hosts and leverage the image-based approach to perform reproducible factory installs at scale by using a single live installation ISO.
Image-based deployment::
Ship the preinstalled and validated hosts to a remote site and rapidly reconfigure and deploy the clusters in a matter of minutes by using a configuration ISO.
You can choose from two methods to preinstall and configure your SNO clusters.
Using the `openshift-install` program::
For a {sno} cluster, use the `openshift-install` program only to manually create the live installation ISO that is common to all hosts. Then, use the program again to create the configuration ISO which ensures that the host is unique. For more information, see “Deploying managed {sno} using the openshift-install program”.
Using the IBI Operator::
For managed {sno} clusters, you can use the `openshift-install` with the Image Based Install (IBI) Operator to scale up the operations. The program creates the live installation ISO and then the IBI Operator creates one configuration ISO for each host. For more information, see “Deploying {sno} using the IBI Operator”.
[id="ibi-installation-overview_{context}"]
=== Image-based installation for {sno} clusters
Using the {lcao}, you can generate an OCI container image that encapsulates an instance of a {sno} cluster. This image is derived from a dedicated cluster that you can configure with the target {product-title} version.
You can reference this image in a live installation ISO to consistently preinstall configured and validated instances of {sno} to multiple hosts. This approach enables the preparation of hosts at a central location, for example in a factory or service depot, before shipping the preinstalled hosts to a remote site for rapid reconfiguration and deployment. The instructions for preinstalling a host are the same whether you deploy the host by using only the `openshift-install` program or using the program with the IBI Operator.
The following is a high-level overview of the image-based installation process:
. Generate an image from a {sno} cluster.
. Use the `openshift-install` program to embed the seed image URL, and other installation artifacts, in a live installation ISO.
. Start the host using the live installation ISO to preinstall the host.
+
During this process, the `openshift-install` program installs {op-system-first} to the disk, pulls the image you generated, and precaches release container images to the disk.
. When the installation completes, the host is ready to ship to the remote site for rapid reconfiguration and deployment.
[id="ibi-deployment-overview_{context}"]
=== Image-based deployment for {sno} clusters
You can use the `openshift-install` program or the IBI Operator to configure and deploy a host that you preinstalled with an image-based installation.
{sno-caps} cluster deployment::
To configure the target host with site-specific details by using the `openshift-install` program, you must create the following resources:
+
--
* The `install-config.yaml` installation manifest
* The `image-based-config.yaml` manifest
--
+
The `openshift-install` program uses these resources to generate a configuration ISO that you attach to the preinstalled target host to complete the deployment.
Managed {sno} cluster deployment::
{rh-rhacm-first} and the {mce} (MCE) use a hub-and-spoke architecture to manage and deploy {sno} clusters across multiple sites. Using this approach, the hub cluster serves as a central control plane that manages the spoke clusters, which are often remote {sno} clusters deployed at the far edge of the network.
+
You can define the site-specific configuration resources for an image-based deployment in the hub cluster. The IBI Operator uses these configuration resources to reconfigure the preinstalled host at the remote site and deploy the host as a managed {sno} cluster. This approach is especially beneficial for telecommunications providers and other service providers with extensive, distributed infrastructures, where an end-to-end installation at the remote site would be time-consuming and costly.
+
The following is a high-level overview of the image-based deployment process for hosts preinstalled with an imaged-based installation:
+
--
* Define the site-specific configuration resources for the preinstalled host in the hub cluster.
* Apply these resources in the hub cluster. This initiates the deployment process.
* The IBI Operator creates a configuration ISO.
* The IBI Operator boots the target preinstalled host with the configuration ISO attached.
* The host mounts the configuration ISO and begins the reconfiguration process.
* When the reconfiguration completes, the {sno} cluster is ready.
--
+
As the host is already preinstalled using an image-based installation, a technician can reconfigure and deploy the host in a matter of minutes.
[id="ibi-installation-deployment-components_{context}"]
== Image-based installation and deployment components
The following content describes the components in an image-based installation and deployment.
Seed image:: OCI container image generated from a dedicated cluster with the target {product-title} version.
Seed cluster:: Dedicated {sno} cluster that you use to create a seed image and is deployed with the target {product-title} version.
{lcao}:: Generates the seed image.
Image Based Install (IBI) Operator:: When you deploy managed clusters, the IBI Operator creates a configuration ISO from the site-specific resources you define in the hub cluster, and attaches the configuration ISO to the preinstalled host by using a bare-metal provisioning service.
`openshift-install` program:: Creates the installation and configuration ISO, and embeds the seed image URL in the live installation ISO. If the IBI Operator is not used, you must manually attach the configuration ISO to a preinstalled host to complete the deployment.
[role="_additional-resources"]
.Additional resources
* xref:../../edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install-standalone.adoc#create-standalone-config-iso_ibi-edge-image-based-install[Deploying a {sno} cluster using the `openshift-install` program]
include::modules/ibi-image-based-install-cluster-guide.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../edge_computing/image_base_install/ibi-preparing-for-image-based-install.adoc#cnf-image-based-upgrade-shared-container-partition_ibi-preparing-image-based-install[Configuring a shared container partition between ostree stateroots]
include::modules/ibi-validated-software-versions.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* link:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/about/welcome-to-red-hat-advanced-cluster-management-for-kubernetes#multicluster-architecture[Multicluster architecture]
* xref:../../edge_computing/image_based_upgrade/cnf-understanding-image-based-upgrade.adoc#cnf-understanding-image-based-upgrade[Understanding the image-based upgrade for {sno} clusters]

1
edge_computing/image_base_install/ibi_deploying_sno_clusters/_attributes Symbolic link
View File

@@ -0,0 +1 @@
../../../_attributes/

7
edge_computing/image-base-install/ibi-edge-image-based-install-standalone.adoc → edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install-standalone.adoc
View File

@@ -13,9 +13,10 @@ include::modules/ibi-create-standalone-config-iso.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../openshift_images/managing_images/using-image-pull-secrets.adoc#using-image-pull-secrets[Using image pull secrets]
* xref:../../../openshift_images/managing_images/using-image-pull-secrets.adoc[Using image pull secrets]
* xref:../../../edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install-standalone.adoc#ibi-installer-configuration-config_ibi-edge-image-based-install[Reference specifications for the `image-based-installation-config.yaml` manifest]
include::modules/ibi-installer-configuration-config.adoc[leveloffset=+2]
include::modules/ibi-extra-manifests-standalone.adoc[leveloffset=+1]
include::modules/ibi-extra-manifests-standalone.adoc[leveloffset=+1]

61
edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install.adoc Normal file
View File

@@ -0,0 +1,61 @@
:_mod-docs-content-type: ASSEMBLY
[id="ibi-edge-image-based-install"]
= About image-based deployments for managed {sno}
include::_attributes/common-attributes.adoc[]
:context: ibi-edge-image-based-install
toc::[]
When a host preinstalled with {sno} using an image-based installation arrives at a remote site, a technician can easily reconfigure and deploy the host in a matter of minutes.
For clusters with a hub-and-spoke architecture, to complete the deployment of a preinstalled host, you must first define site-specific configuration resources on the hub cluster for each host. These resources contain configuration information such as the properties of the bare-metal host, authentication details, and other deployment and networking information.
The Image Based Install (IBI) Operator creates a configuration ISO from these resources, and then boots the host with the configuration ISO attached. The host mounts the configuration ISO and runs the reconfiguration process. When the reconfiguration completes, the {sno} cluster is ready.
[NOTE]
====
You must create distinct configuration resources for each bare-metal host.
====
See the following high-level steps to deploy a preinstalled host in a cluster with a hub-and-spoke architecture:
. Install the IBI Operator on the hub cluster.
. Create site-specific configuration resources in the hub cluster for each host.
. The IBI Operator creates a configuration ISO from these resources and boots the target host with the configuration ISO attached.
. The host mounts the configuration ISO and runs the reconfiguration process. When the reconfiguration completes, the {sno} cluster is ready.
[NOTE]
====
Alternatively, you can manually deploy a preinstalled host for a cluster without using a hub cluster. You must define an `ImageBasedConfig` resource and an installation manifest, and provide these as inputs to the `openshift-install` installation program. For more information, see "Deploying a {sno} cluster using the `openshift-install` program".
====
[role="_additional-resources"]
.Additional resources
* xref:../../../edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install-standalone.adoc#create-standalone-config-iso_ibi-edge-image-based-install[Deploying a {sno} cluster using the `openshift-install` program]
include::modules/ibi-install-ibi-operator.adoc[leveloffset=+1]
include::modules/ibi-create-config-iso.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../../openshift_images/managing_images/using-image-pull-secrets.adoc[Using image pull secrets]
* xref:../../../edge_computing/image_base_install/ibi_deploying_sno_clusters/ibi-edge-image-based-install.adoc#ibi-managed-cluster-config-resources_ibi-edge-image-based-install[Cluster configuration resources for deploying a preinstalled host]
include::modules/ibi-managed-cluster-config-resources.adoc[leveloffset=+2]
include::modules/ibi-image-cluster-install-api-spec.adoc[leveloffset=+2]
include::modules/ibi-extra-manifests-configmap.adoc[leveloffset=+1]
[role="_additional-resources"]
.Additional resources
* xref:../../../installing/installing_bare_metal/ipi/ipi-install-post-installation-configuration.adoc#bmo-about-the-baremetalhost-resource_ipi-install-post-installation-configuration[About the BareMetalHost resource]
* xref:../../../openshift_images/managing_images/using-image-pull-secrets.adoc[Using image pull secrets]
* xref:../../../edge_computing/image_base_install/ibi-factory-image-based-install.adoc#ibi-installer-installation-config_ibi-factory-image-based-install[Reference specifications for the image-based-config.yaml manifest]

1
edge_computing/image_base_install/ibi_deploying_sno_clusters/images Symbolic link
View File

@@ -0,0 +1 @@
../../../images/

1
edge_computing/image_base_install/ibi_deploying_sno_clusters/modules Symbolic link
View File

@@ -0,0 +1 @@
../../../modules/

1
edge_computing/image_base_install/ibi_deploying_sno_clusters/snippets Symbolic link
View File

@@ -0,0 +1 @@
../../../snippets/

0
edge_computing/image-base-install/images → edge_computing/image_base_install/images
View File

0
edge_computing/image-base-install/modules → edge_computing/image_base_install/modules
View File

0
edge_computing/image-base-install/snippets → edge_computing/image_base_install/snippets
View File

BIN
images/711_OpenShift_IBI_Installation_high-level_0624.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 107 KiB

7
modules/cnf-image-based-upgrade-generate-seed-image.adoc
View File

@@ -5,7 +5,7 @@
[id="cnf-image-based-upgrade-generate-seed-image_{context}"]
= Generating a seed image with the {lcao}
Use the {lcao} to generate the seed image with the `SeedGenerator` CR. The Operator checks for required system configurations, performs any necessary system cleanup before generating the seed image, and launches the image generation. The seed image generation includes the following tasks:
Use the {lcao} to generate a seed image from a managed cluster. The Operator checks for required system configurations, performs any necessary system cleanup before generating the seed image, and launches the image generation. The seed image generation includes the following tasks:
* Stopping cluster Operators
* Preparing the seed image configuration
@@ -17,6 +17,7 @@ Use the {lcao} to generate the seed image with the `SeedGenerator` CR. The Opera
.Prerequisites
* {rh-rhacm} and {mce} are not installed on the seed cluster.
* You have configured a shared container directory on the seed cluster.
* You have installed the minimum version of the {oadp-short} Operator and the {lcao} on the seed cluster.
* Ensure that persistent volumes are not configured on the seed cluster.
@@ -26,7 +27,7 @@ Use the {lcao} to generate the seed image with the `SeedGenerator` CR. The Opera
.Procedure
. Detach the cluster from the hub to delete any {rh-rhacm}-specific resources from the seed cluster that must not be in the seed image:
. Detach the managed cluster from the hub to delete any {rh-rhacm}-specific resources from the seed cluster that must not be in the seed image:
.. Manually detach the seed cluster by running the following command:
+
@@ -35,7 +36,7 @@ Use the {lcao} to generate the seed image with the `SeedGenerator` CR. The Opera
$ oc delete managedcluster sno-worker-example
----
... Wait until the `ManagedCluster` CR is removed. After the CR is removed, create the proper `SeedGenerator` CR. The {lcao} cleans up the {rh-rhacm} artifacts.
... Wait until the managed cluster is removed. After the cluster is removed, create the proper `SeedGenerator` CR. The {lcao} cleans up the {rh-rhacm} artifacts.
.. If you are using {ztp}, detach your cluster by removing the seed cluster's `SiteConfig` CR from the `kustomization.yaml`.

24
modules/cnf-image-based-upgrade-seed-image-config.adoc
View File

@@ -87,9 +87,6 @@ The following table lists the components, resources, and configurations that you
|All Day 2 Operator subscriptions
|Yes
|`ClusterLogging.yaml`
|Yes
|`DisableOLMPprof.yaml`
|Yes
@@ -115,6 +112,7 @@ The following table lists the components, resources, and configurations that you
|No
|====
ifdef::ibu[]
.Seed image configuration with RAN DU profile for extra manifests
[cols=2*, width="80%", options="header"]
|====
@@ -143,6 +141,24 @@ a|`SriovNetwork.yaml`
`SriovNetworkNodePolicy.yaml`
|If the configuration, including namespaces, is exactly the same on both the seed and target cluster, you can include them in the seed image. Otherwise, apply them as extra manifests.
|====
endif::[]
ifdef::ibi[]
The following list of resources and configurations can be applied as extra manifests or by using {rh-rhacm} policies:
* `ClusterLogForwarder.yaml`
* `ReduceMonitoringFootprint.yaml`
* `SriovFecClusterConfig.yaml`
* `PtpOperatorConfigForEvent.yaml`
* `DefaultCatsrc.yaml`
* `PtpConfig.yaml`
* `SriovNetwork.yaml`
[IMPORTANT]
====
If you are using {ztp}, enable these resources by using {rh-rhacm} policies to ensure configuration changes can be applied throughout the cluster lifecycle.
====
endif::[]
ifeval::["{context}" == "ibi-preparing-image-based-install"]
@@ -151,4 +167,4 @@ endif::[]
ifeval::["{context}" == "generate-seed"]
:!ibu:
endif::[]
endif::[]

314
modules/ibi-create-config-iso.adoc Normal file
View File

@@ -0,0 +1,314 @@
// Module included in the following assemblies:
//
// * edge_computing/ibi-edge-image-based-install.adoc
:_mod-docs-content-type: PROCEDURE
[id="ibi-create-config-iso_{context}"]
= Deploying a managed {sno} cluster using the IBI Operator
Create the site-specific configuration resources in the hub cluster to initiate the image-based deployment of a preinstalled host.
When you create these configuration resources in the hub cluster, the Image Based Install (IBI) Operator generates a configuration ISO and attaches it to the target host to begin the site-specific configuration process. When the configuration process completes, the {sno} cluster is ready.
[NOTE]
====
For more information about the configuration resources that you must configure in the hub cluster, see "Cluster configuration resources for deploying a preinstalled host".
====
.Prerequisites
* You preinstalled a host with {sno} using an image-based installation.
* You logged in as a user with `cluster-admin` privileges.
* You deployed a {rh-rhacm-first} hub cluster or you deployed the multicluster engine for Kubernetes operator (MCE).
* You installed the IBI Operator on the hub cluster.
* You created a pull secret to authenticate pull requests. For more information, see "Using image pull secrets".
.Procedure
. Create the `ibi-ns` namespace by running the following command:
+
[source,terminal]
----
$ oc create namespace ibi-ns
----
. Create the `Secret` resource for your image registry:
.. Create a YAML file that defines the `Secret` resource for your image registry:
+
.Example `secret-image-registry.yaml` file
[source,yaml]
----
apiVersion: v1
kind: Secret
metadata:
name: ibi-image-pull-secret
namespace: ibi-ns
stringData:
.dockerconfigjson: <base64-docker-auth-code> <1>
type: kubernetes.io/dockerconfigjson
----
<1> You must provide base64-encoded credential details. See the "Additional resources" section for more information about using image pull secrets.
.. Create the `Secret` resource for your image registry by running the following command:
+
[source,terminal]
----
$ oc create -f secret-image-registry.yaml
----
. Optional: Configure static networking for the host:
.. Create a `Secret` resource containing the static network configuration in `nmstate` format:
+
.Example `host-network-config-secret.yaml` file
[source,yaml]
----
apiVersion: v1
kind: Secret
metadata:
name: host-network-config-secret <1>
namespace: ibi-ns
type: Opaque
stringData:
nmstate: | <2>
interfaces:
- name: ens1f0 <3>
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 10.6.85.8
prefix-length: 24
dhcp: false <4>
ipv6:
enabled: false
dns-resolver:
config:
server:
- 10.6.73.2 <5>
- 10.6.73.4
routes:
config: <6>
- destination: 0.0.0.0/0
metric: 150
next-hop-address: 10.6.85.254
next-hop-interface: ens1f0
table-id: 254
----
<1> Specify the name for the `Secret` resource.
<2> Define the static network configuration in `nmstate` format.
<3> Specify the name of the interface on the host. The name of the interface must match the actual NIC name as shown in the operating system. To use your MAC address for NIC matching, set the `identifier` field to `mac-address`.
<4> You must specify `dhcp: false` to ensure `nmstate` assigns the static IP address to the interface.
<5> Specify one or more DNS servers that the system will use to resolve domain names.
<6> In this example, the default route is configured through the `ens1f0` interface to the next hop IP address `10.6.85.254`.
. Create the `BareMetalHost` and `Secret` resources:
.. Create a YAML file that defines the `BareMetalHost` and `Secret` resources:
+
.Example `ibi-bmh.yaml` file
[source,yaml]
----
apiVersion: metal3.io/v1alpha1
kind: BareMetalHost
metadata:
name: ibi-bmh <1>
namespace: ibi-ns
spec:
online: false <2>
bootMACAddress: 00:a5:12:55:62:64 <3>
bmc:
address: redfish-virtualmedia+http://192.168.111.1:8000/redfish/v1/Systems/8a5babac-94d0-4c20-b282-50dc3a0a32b5 <4>
credentialsName: ibi-bmh-bmc-secret <5>
preprovisioningNetworkDataName: host-network-config-secret <6>
automatedCleaningMode: disabled <7>
externallyProvisioned: true <8>
---
apiVersion: v1
kind: Secret
metadata:
name: ibi-bmh-secret <9>
namespace: ibi-ns
type: Opaque
data:
username: <user_name> <10>
password: <password> <11>
----
<1> Specify the name for the `BareMetalHost` resource.
<2> Specify if the host should be online.
<3> Specify the host boot MAC address.
<4> Specify the BMC address. You can only use bare-metal host drivers that support virtual media networking booting, for example redfish-virtualmedia and idrac-virtualmedia.
<5> Specify the name of the bare-metal host `Secret` resource.
<6> Optional: If you require static network configuration for the host, specify the name of the `Secret` resource containing the configuration.
<7> You must specify `automatedCleaningMode:disabled` to prevent the provisioning service from deleting all preinstallation artifacts, such as the seed image, during disk inspection.
<8> You must specify `externallyProvisioned: true` to enable the host to boot from the preinstalled disk, instead of the configuration ISO.
<9> Specify the name for the `Secret` resource.
<10> Specify the username.
<11> Specify the password.
.. Create the `BareMetalHost` and `Secret` resources by running the following command:
+
[source,terminal]
----
$ oc create -f ibi-bmh.yaml
----
. Create the `ClusterImageSet` resource:
.. Create a YAML file that defines the `ClusterImageSet` resource:
+
.Example `ibi-cluster-image-set.yaml` file
[source,yaml]
----
apiVersion: hive.openshift.io/v1
kind: ClusterImageSet
metadata:
name: ibi-img-version-arch <1>
spec:
releaseImage: ibi.example.com:path/to/release/images:version-arch <2>
----
<1> Specify the name for the `ClusterImageSet` resource.
<2> Specify the address for the release image to use for the deployment. If you use a different image registry compared to the image registry used during seed image generation, ensure that the {product-title} version for the release image remains the same.
.. Create the `ClusterImageSet` resource by running the following command:
+
[source,terminal]
----
$ oc apply -f ibi-cluster-image-set.yaml
----
. Create the `ImageClusterInstall` resource:
.. Create a YAML file that defines the `ImageClusterInstall` resource:
+
.Example `ibi-image-cluster-install.yaml` file
[source,yaml]
----
apiVersion: extensions.hive.openshift.io/v1alpha1
kind: ImageClusterInstall
metadata:
name: ibi-image-install <1>
namespace: ibi-ns
spec:
bareMetalHostRef:
name: ibi-bmh <2>
namespace: ibi-ns
clusterDeploymentRef:
name: ibi-cluster-deployment <3>
hostname: ibi-host <4>
imageSetRef:
name: ibi-img-version-arch <5>
machineNetwork: 10.0.0.0/24 <6>
proxy: <7>
httpProxy: "http://proxy.example.com:8080"
#httpsProxy: "http://proxy.example.com:8080"
#noProxy: "no_proxy.example.com"
----
<1> Specify the name for the `ImageClusterInstall` resource.
<2> Specify the `BareMetalHost` resource that you want to target for the image-based installation.
<3> Specify the name of the `ClusterDeployment` resource that you want to use for the image-based installation of the target host.
<4> Specify the hostname for the cluster.
<5> Specify the name of the `ClusterImageSet` resource you used to define the container release images to use for deployment.
<6> Specify the public CIDR (Classless Inter-Domain Routing) of the external network.
<7> Optional: Specify a proxy to use for the cluster deployment.
+
[IMPORTANT]
====
If your cluster deployment requires a proxy configuration, you must do the following:
* Create a seed image from a seed cluster featuring a proxy configuration. The proxy configurations do not have to match.
* Configure the `machineNetwork` field in your installation manifest.
====
.. Create the `ImageClusterInstall` resource by running the following command:
+
[source,terminal]
----
$ oc create -f ibi-image-cluster-install.yaml
----
. Create the `ClusterDeployment` resource:
.. Create a YAML file that defines the `ClusterDeployment` resource:
+
.Example `ibi-cluster-deployment.yaml` file
[source,yaml]
----
apiVersion: hive.openshift.io/v1
kind: ClusterDeployment
metadata:
name: ibi-cluster-deployment <1>
namespace: ibi-ns <2>
spec:
baseDomain: example.com <3>
clusterInstallRef:
group: extensions.hive.openshift.io
kind: ImageClusterInstall
name: ibi-image-install <4>
version: v1alpha1
clusterName: ibi-cluster <5>
platform:
none: {}
pullSecretRef:
name: ibi-image-pull-secret <6>
----
<1> Specify the name for the `ClusterDeployment` resource.
<2> Specify the namespace for the `ClusterDeployment` resource.
<3> Specify the base domain that the cluster should belong to.
<4> Specify the name of the `ImageClusterInstall` in which you defined the container images to use for the image-based installation of the target host.
<5> Specify a name for the cluster.
<6> Specify the secret to use for pulling images from your image registry.
.. Create the `ClusterDeployment` resource by running the following command:
+
[source,terminal]
----
$ oc apply -f ibi-cluster-deployment.yaml
----
. Create the `ManagedCluster` resource:
.. Create a YAML file that defines the `ManagedCluster` resource:
+
.Example `ibi-managed.yaml` file
[source,yaml]
----
apiVersion: cluster.open-cluster-management.io/v1
kind: ManagedCluster
metadata:
name: sno-ibi <1>
spec:
hubAcceptsClient: true <2>
----
<1> Specify the name for the `ManagedCluster` resource.
<2> Specify `true` to enable {rh-rhacm} to mange the cluster.
.. Create the `ManagedCluster` resource by running the following command:
+
[source,terminal]
----
$ oc apply -f ibi-managed.yaml
----
.Verification
* Check the status of the `ImageClusterInstall` in the hub cluster to monitor the progress of the target host installation by running the following command:
+
[source,terminal]
----
$ oc get imageclusterinstall
----
+
.Example output
[source,terminal]
----
NAME REQUIREMENTSMET COMPLETED BAREMETALHOSTREF
target-0 HostValidationSucceeded ClusterInstallationSucceeded ibi-bmh
----
+
[WARNING]
====
If the `ImageClusterInstall` resource is deleted, the IBI Operator reattaches the `BareMetalHost` resource and reboots the machine.
====

2
modules/ibi-create-iso-for-bmh.adoc
View File

@@ -10,7 +10,7 @@ You can embed your {sno} seed image URL, and other installation artifacts, in a
[NOTE]
====
For more information about the specification for the `image-based-installation-config.yaml` manifest, see the section _Reference specifications for the `image-based-installation-config.yaml` manifest_.
For more information about the specification for the `image-based-installation-config.yaml` manifest, see the section "Reference specifications for the `image-based-installation-config.yaml` manifest".
====
.Prerequisites

8
modules/ibi-create-standalone-config-iso.adoc
View File

@@ -22,7 +22,7 @@ For more information about the specifications for the `image-based-config.yaml`
* You preinstalled a host with {sno} using an image-based installation.
* You downloaded the latest version of the `openshift-install` program.
* You created a pull secret to authenticate pull requests.
* You created a pull secret to authenticate pull requests. For more information, see "Using image pull secrets".
.Procedure
@@ -122,7 +122,6 @@ networkConfig:
- name: eth0
type: ethernet
state: up
#mtu: 9000 <1>
mac-address: 00:00:00:00:00:00
ipv4:
enabled: true
@@ -131,7 +130,6 @@ networkConfig:
prefix-length: 23
dhcp: false
----
<1> If you configure a maximum transmission unit (MTU) in the seed cluster, you must apply the same MTU value in the static network configuration for the configuration ISO.
. Edit your configuration file:
+
@@ -233,6 +231,4 @@ $ oc get nodes
----
NAME STATUS ROLES AGE VERSION
node/sno-cluster-name.host.example.com Ready control-plane,master 5h15m v1.30.3
----
----

144
modules/ibi-extra-manifests-configmap.adoc Normal file
View File

@@ -0,0 +1,144 @@
// Module included in the following assemblies:
//
// * edge_computing/ibi-edge-image-based-install.adoc
:_mod-docs-content-type: CONCEPT
[id="ibi-extra-manifests-configmap_{context}"]
= ConfigMap resources for extra manifests
You can optionally create a `ConfigMap` resource to define additional manifests in an image-based deployment for managed {sno} clusters.
After you create the `ConfigMap` resource, reference it in the `ImageClusterInstall` resource. During deployment, the IBI Operator includes the extra manifests in the deployment.
[id="ibi-create-extra-manifest-configmap_{context}"]
== Creating a ConfigMap resource to add extra manifests in an image-based deployment
You can use a `ConfigMap` resource to add extra manifests to the image-based deployment for {sno} clusters.
The following example adds an single-root I/O virtualization (SR-IOV) network to the deployment.
.Prerequisites
* You preinstalled a host with {sno} using an image-based installation.
* You logged in as a user with `cluster-admin` privileges.
.Procedure
. Create the `SriovNetworkNodePolicy` and `SriovNetwork` resources:
.. Create a YAML file that defines the resources:
+
.Example `sriov-extra-manifest.yaml` file
+
[source,yaml]
----
apiVersion: sriovnetwork.openshift.io/v1
kind: SriovNetworkNodePolicy
metadata:
name: "example-sriov-node-policy"
namespace: openshift-sriov-network-operator
spec:
deviceType: vfio-pci
isRdma: false
nicSelector:
pfNames: [ens1f0]
nodeSelector:
node-role.kubernetes.io/master: ""
mtu: 1500
numVfs: 8
priority: 99
resourceName: example-sriov-node-policy
---
apiVersion: sriovnetwork.openshift.io/v1
kind: SriovNetwork
metadata:
name: "example-sriov-network"
namespace: openshift-sriov-network-operator
spec:
ipam: |-
{
}
linkState: auto
networkNamespace: sriov-namespace
resourceName: example-sriov-node-policy
spoofChk: "on"
trust: "off"
----
.. Create the `ConfigMap` resource by running the following command:
+
[source,terminal]
----
$ oc create configmap sr-iov-extra-manifest --from-file=sriov-extra-manifest.yaml -n ibi-ns <1>
----
<1> Specify the namespace that has the `ImageClusterInstall` resource.
+
.Example output
[source,terminal]
----
configmap/sr-iov-extra-manifest created
----
. Reference the `ConfigMap` resource in the `spec.extraManifestsRefs` field of the `ImageClusterInstall` resource:
+
[source,yaml]
----
#...
spec:
extraManifestsRefs:
- name: sr-iov-extra-manifest
#...
----
[id="ibi-create-ca-extra-manifest-configmap_{context}"]
== Creating a ConfigMap resource to add a CA bundle in an image-based deployment
You can use a `ConfigMap` resource to add a certificate authority (CA) bundle to the host to ensure trusted communications for cluster services.
After you create the `ConfigMap` resource, reference it in the `spec.caBundleRef` field of the `ImageClusterInstall` resource.
.Prerequisites
* You preinstalled a host with {sno} using an image-based installation.
* You logged in as a user with `cluster-admin` privileges.
.Procedure
. Create a CA bundle file such as the following file:
+
.Example `example-ca.crt`
[source,text]
----
-----BEGIN CERTIFICATE-----
MIIDXTCCAkWgAwIBAgIJAKmjYKJbIyz3MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
...Custom CA certificate bundle...
4WPl0Qb27Sb1xZyAsy1ww6MYb98EovazUSfjYr2EVF6ThcAPu4/sMxUV7He2J6Jd
cA8SMRwpUbz3LXY=
-----END CERTIFICATE-----
----
. Create the ConfigMap object by running the following command:
+
[source,terminal]
----
$ oc create configmap custom-ca --from-file=example-ca.crt -n ibi-ns <1>
----
<1> Specify the namespace that has the `ImageClusterInstall` resource.
+
.Example output
[source,terminal]
----
configmap/custom-ca created
----
. Reference the `ConfigMap` resource in the `spec.caBundleRef` field of the `ImageClusterInstall` resource:
+
[source,yaml]
----
#...
spec:
caBundleRef:
name: custom-ca
#...
----

9
modules/ibi-image-based-install-cluster-guide.adoc
View File

@@ -2,8 +2,8 @@
// * edge_computing/image-based-install/ibi-understanding-image-based-install.adoc
:_mod-docs-content-type: CONCEPT
[id="ztp-image-based-install-hub-cluster-guide_{context}"]
= Cluster guidelines for an image-based installation and deployment
[id="ibi-image-based-install-cluster-guide_{context}"]
= Cluster guidelines for image-based installation and deployment
For a successful image-based installation and deployment, see the following guidelines.
@@ -17,11 +17,12 @@ For a successful image-based installation and deployment, see the following guid
* If you set a maximum transmission unit (MTU) in the seed cluster, you must set the same MTU value in the static network configuration for the image-based configuration ISO.
* Your {sno} seed cluster must have a shared `var/lib/containers` directory for precaching images during an image-based installation. For more information see the section _Configuring a shared container directory between ostree stateroots_.
* Your {sno} seed cluster must have a shared `/var/lib/containers` directory for precaching images during an image-based installation. For more information see "Configuring a shared container partition between ostree stateroots".
* Create a seed image from a {sno} cluster that uses the same hardware as your target bare-metal host. The seed cluster must reflect your target cluster configuration for the following items:
** CPU topology
*** CPU architecture
*** Number of CPU cores
*** Tuned performance configuration, such as number of reserved CPUs
@@ -36,7 +37,7 @@ Dual-stack networking is not supported in this release.
+
[NOTE]
====
If the target cluster uses a disconnected registry, your seed cluster must use a disconnected registry. The registries do not have to be the same. "
If the target cluster uses a disconnected registry, your seed cluster must use a disconnected registry. The registries do not have to be the same.
====
** FIPS configuration

62
modules/ibi-image-cluster-install-api-spec.adoc Normal file
View File

@@ -0,0 +1,62 @@
// Module included in the following assemblies:
//
// * edge_computing/ibi-edge-image-based-install.adoc
:_mod-docs-content-type: REFERENCE
[id="ibi-image-cluster-install-api-spec_{context}"]
= ImageClusterInstall resource API specifications
The following content describes the API specifications for the `ImageClusterInstall` resource. This resource is the endpoint for the Image Based Install Operator.
.Required specifications
[options="header"]
[cols="2a,1a,4a"]
|====
|Specification|Type|Description
|`imageSetRef`|`string`| Specify the name of the `ClusterImageSet` resource that defines the release images for the deployment.
|`hostname`|`string`| Specify the hostname for the cluster.
|`sshKey`|`string`| Specify your SSH key to provide SSH access to the target host.
|====
.Optional specifications
[options="header"]
[cols="2a,1a,4a"]
|====
|Specification|Type|Description
|`clusterDeploymentRef`|`string`| Specify the name of the `ClusterDeployment` resource that you want to use for the image-based installation of the target host.
|`clusterMetadata`|`string`| After the deployment completes, this specification is automatically populated with metadata information about the cluster, including the `cluster-admin` kubeconfig credentials for logging in to the cluster.
|`imageDigestSources`|`string`|Specifies the sources or repositories for the release-image content, for example:
[source,yaml]
----
imageDigestSources:
- mirrors:
- "registry.example.com:5000/ocp4/openshift4"
source: "quay.io/openshift-release-dev/ocp-release"
----
|`extraManifestsRefs`|`string`| Specify a `ConfigMap` resource containing additional manifests to be applied to the target cluster.
|`bareMetalHostRef`|`string`| Specify the `bareMetalHost` resource to use for the cluster deployment
|`machineNetwork`|`string`| Specify the public CIDR (Classless Inter-Domain Routing) of the external network.
|`proxy`|`string`|Specifies proxy settings for the cluster, for example:
[source,yaml]
----
proxy:
httpProxy: "http://proxy.example.com:8080"
httpsProxy: "http://proxy.example.com:8080"
noProxy: "no_proxy.example.com"
----
|`caBundleRef`|`string`| Specify a `ConfigMap` resource containing the new bundle of trusted certificates for the host.
|====

45
modules/ibi-install-ibi-operator.adoc Normal file
View File

@@ -0,0 +1,45 @@
// Module included in the following assemblies:
//
// * edge_computing/ibi-edge-image-based-install.adoc
:_mod-docs-content-type: PROCEDURE
[id="ibi-install-ibi-operator_{context}"]
= Installing the Image Based Install Operator
The Image Based Install (IBI) Operator is part of the image-based deployment workflow for preinstalled {sno} on bare-metal hosts.
[NOTE]
====
The IBI Operator is part of the {mce} from MCE version 2.7.
====
.Prerequisites
* You logged in as a user with `cluster-admin` privileges.
* You deployed a {rh-rhacm-first} hub cluster or you deployed the {mce}.
* You reviewed the required versions of software components in the section "Software prerequisites for an image-based installation".
.Procedure
* Set the `enabled` specification to `true` for the `image-based-install-operator` component in the `MultiClusterEngine` resource by running the following command:
+
[source,terminal]
----
$ oc patch multiclusterengines.multicluster.openshift.io multiclusterengine --type json \
--patch '[{"op": "add", "path":"/spec/overrides/components/-", "value": {"name":"image-based-install-operator","enabled": true}}]'
----
.Verification
* Check that the Image Based Install Operator pod is running by running the following command:
+
[source,terminal]
----
$ oc get pods -A | grep image-based
----
+
.Example output
[source,terminal]
----
multicluster-engine image-based-install-operator-57fb8sc423-bxdj8 2/2 Running 0 5m
----

47
modules/ibi-managed-cluster-config-resources.adoc Normal file
View File

@@ -0,0 +1,47 @@
// Module included in the following assemblies:
//
// * edge_computing/ibi-edge-image-based-install.adoc
:_mod-docs-content-typetent-type: REFERENCE
[id="ibi-managed-cluster-config-resources_{context}"]
= Cluster configuration resources for deploying a preinstalled host
To complete a deployment for a preinstalled host at a remote site, you must configure the following site-specifc cluster configuration resources in the hub cluster for each bare-metal host.
.Cluster configuration resources reference
[cols="1,3", options="header"]
|===
| Resource | Description
|`Namespace`
|Namespace for the managed {sno} cluster.
|`BareMetalHost`
|Describes the physical host and its properties, such as the provisioning and hardware configuration.
|`Secret` for the bare-metal host
|Credentials for the host BMC.
|`Secret` for the bare-metal host static network configuration
|Optional: Describes static network configuration for the target host.
|`Secret` for the image registry
|Credentials for the image registry. The secret for the image registry must be of type `kubernetes.io/dockerconfigjson`.
|`ImageClusterInstall`
|References the bare-metal host, deployment, and image set resources.
|`ClusterImageSet`
|Describes the release images to use for the cluster.
|`ClusterDeployment`
|Describes networking, authentication, and platform-specific settings.
|`ManagedCluster`
|Describes cluster details to enable {rh-rhacm-first} to register and manage.
|`ConfigMap`
|Optional: Describes additional configurations for the cluster deployment, such as adding a bundle of trusted certificates for the host to ensure trusted communications for cluster services.
|===

3
modules/ibi-validated-software-versions.adoc
View File

@@ -25,6 +25,9 @@ An image-based installation and deployment requires the following minimum softwa
|{lcao}
|4.16 or later
|Image Based Install Operator
|4.17
|`openshift-install` program
|4.17