From 478e8925b075f50667b8ae8609d47a76b8178bb1 Mon Sep 17 00:00:00 2001 From: JoeAldinger Date: Tue, 8 Jul 2025 14:40:26 -0400 Subject: [PATCH] networking overview Ingress and load balancing Advanced networking configuring network settings networking overview Ingress and load balancing Advanced networking configuring network settings --- _attributes/_attributes | 2 +- _topic_maps/_topic_map.yml | 226 +++++++++--------- _topic_maps/_topic_map_osd.yml | 27 ++- _topic_maps/_topic_map_rosa.yml | 29 ++- .../migrate-from-openshift-sdn.adoc | 4 +- .../route-based-deployment-strategies.adoc | 4 +- architecture/index.adoc | 2 +- .../scenario-2-restoring-cluster-state.adoc | 2 +- cicd/builds/setting-up-trusted-ca.adoc | 2 +- ...ting-applications-with-cicd-pipelines.adoc | 2 +- .../understanding-openshift-pipelines.adoc | 2 +- cicd/pipelines/using-pipelines-as-code.adoc | 2 +- ...ud-experts-aws-load-balancer-operator.adoc | 2 +- ...ts-getting-started-openshift-concepts.adoc | 18 +- ...-experts-getting-started-what-is-rosa.adoc | 2 +- .../updating/disconnected-update-osus.adoc | 2 +- .../etcd-disaster-recovery.adoc | 2 +- .../hcp-deploy/hcp-deploy-bm.adoc | 2 +- hosted_control_planes/hcp-networking.adoc | 2 +- .../hcp-prepare/hcp-requirements.adoc | 4 +- .../ipi/installing-aws-localzone.adoc | 6 +- ...installing-aws-network-customizations.adoc | 2 +- .../ipi/installing-aws-outposts.adoc | 2 +- .../ipi/installing-aws-wavelength-zone.adoc | 6 +- ...talling-nutanix-installer-provisioned.adoc | 2 +- ...etworks-nutanix-installer-provisioned.adoc | 2 +- ...installing-openstack-installer-custom.adoc | 2 +- ...stalling-openstack-installer-ovs-dpdk.adoc | 2 +- .../installing-openstack-user-sr-iov.adoc | 2 +- .../installing-openstack-user.adoc | 2 +- .../cpmso-config-options-aws.adoc | 2 +- .../cpmso-config-options-azure.adoc | 2 +- .../manually-scaling-machineset.adoc | 2 +- migrating_from_ocp_3_to_4/index.adoc | 2 +- migrating_from_ocp_3_to_4/installing-3-4.adoc | 2 +- .../installing-restricted-3-4.adoc | 2 +- .../installing-mtc-restricted.adoc | 2 +- .../installing-mtc.adoc | 2 +- ...-creating-a-cluster-cli-no-cni-plugin.adoc | 4 +- .../_attributes | 0 ...rfaces-metrics-to-network-attachments.adoc | 0 .../changing-cluster-network-mtu.adoc | 3 +- .../images | 0 .../modules | 0 .../ptp}/_attributes | 0 .../ptp/about-ptp.adoc | 2 +- .../ptp/configuring-ptp.adoc | 16 +- .../{ => advanced_networking}/ptp/images | 0 .../{ => advanced_networking}/ptp/modules | 0 ...loud-events-consumer-dev-reference-v2.adoc | 8 +- .../ptp/ptp-events-rest-api-reference-v2.adoc | 10 +- .../ptp}/snippets | 0 networking/advanced_networking/snippets | 1 + .../{ => advanced_networking}/using-sctp.adoc | 0 .../verifying-connectivity-endpoint.adoc | 0 .../configuring-cluster-wide-proxy.adoc | 3 + .../_attributes | 0 ...gure-syscontrols-interface-tuning-cni.adoc | 6 +- .../configuring-a-custom-pki.adoc | 4 +- .../configuring-cluster-network-range.adoc | 4 +- .../configuring-ipfailover.adoc | 2 +- .../configuring-node-port-service-range.adoc | 8 +- .../enable-cluster-wide-proxy.adoc | 14 +- .../images | 0 .../modules | 0 .../configuring_network_settings/snippets | 1 + .../_attributes | 0 .../_attributes | 1 + .../allocating-load-balancers.adoc | 0 .../configuring-externalip.adoc | 6 +- ...figuring-ingress-cluster-patch-fields.adoc | 0 ...nfiguring-ingress-cluster-traffic-aws.adoc | 4 +- ...ss-cluster-traffic-ingress-controller.adoc | 10 +- ...c-load-balancer-allowed-source-ranges.adoc | 3 +- ...ingress-cluster-traffic-load-balancer.adoc | 0 ...ring-ingress-cluster-traffic-nodeport.adoc | 6 +- ...s-cluster-traffic-service-external-ip.adoc | 10 +- .../images | 1 + .../ingress-controller-dnsmgt.adoc | 2 +- .../ingress-gateway-api.adoc | 0 .../modules | 1 + ...ntroller-endpoint-publishing-strategy.adoc | 6 +- .../overview-traffic.adoc | 10 +- .../snippets | 0 networking/ingress_load_balancing/images | 1 + .../load-balancing-openstack.adoc | 4 + .../metallb/_attributes | 1 + .../about-advertising-ipaddresspool.adoc | 2 +- .../metallb/images | 0 .../metallb-configure-address-pools.adoc | 8 +- .../metallb-configure-bfd-profiles.adoc | 2 +- .../metallb/metallb-configure-bgp-peers.adoc | 10 +- .../metallb-configure-community-alias.adoc | 0 .../metallb-configure-return-traffic.adoc | 8 +- .../metallb/metallb-configure-services.adoc | 0 .../metallb/metallb-frr-k8s.adoc | 0 .../metallb/metallb-troubleshoot-support.adoc | 4 +- .../metallb/modules | 0 .../metallb}/snippets | 0 networking/ingress_load_balancing/modules | 1 + .../ingress_load_balancing/routes/_attributes | 1 + .../ingress_load_balancing/routes/images | 1 + .../ingress_load_balancing/routes/modules | 1 + .../routes/route-configuration.adoc | 8 +- .../routes/secured-routes.adoc | 2 +- .../routes/snippets | 0 networking/ingress_load_balancing/snippets | 1 + ...-nmstate-updating-node-network-config.adoc | 2 +- .../configuring-ipsec-ovn.adoc | 10 +- .../aws-load-balancer-operator.adoc | 2 +- ...ress-proxy-aws-load-balancer-operator.adoc | 2 +- ...onfiguring-aws-load-balancer-operator.adoc | 2 +- .../cluster-network-operator.adoc | 2 +- .../ingress-operator.adoc | 2 +- .../metallb-operator/about-metallb.adoc | 4 +- .../metallb-operator-install.adoc | 4 +- networking/networking_overview/_attributes | 1 + .../about-managed-networking.adoc | 6 +- .../accessing-hosts.adoc | 0 .../cidr-range-definitions.adoc | 8 +- networking/networking_overview/images | 1 + networking/networking_overview/modules | 1 + .../networking-dashboards.adoc | 2 +- networking/networking_overview/snippets | 1 + .../understanding-networking.adoc | 2 +- ...traffic-for-vrf-loadbalancer-services.adoc | 4 +- ...vn-kubernetes-troubleshooting-sources.adoc | 4 +- .../containers/nodes-containers-sysctls.adoc | 2 +- .../admin/olm-configuring-proxy-support.adoc | 6 +- .../configuring-private-cluster.adoc | 2 +- .../post-install-network-configuration.adoc | 6 +- release_notes/ocp-4-19-release-notes.adoc | 12 +- .../optimization/optimizing-networking.adoc | 2 +- .../optimization/routing-optimization.adoc | 2 +- .../telco-core-rds.adoc | 2 +- .../telco-hub-rds.adoc | 4 +- .../cert-manager-securing-routes.adoc | 4 +- .../proxy-certificates.adoc | 2 +- .../service-serving-certificate.adoc | 2 +- security/certificates/updating-ca-bundle.adoc | 2 +- .../container_security/security-network.adoc | 2 +- .../install/install-serverless-operator.adoc | 2 +- .../routing-overview.adoc | 2 +- service_mesh/v2x/ossm-route-migration.adoc | 2 +- service_mesh/v2x/ossm-traffic-manage.adoc | 4 +- .../rosa-troubleshooting-deployments.adoc | 2 +- .../updating-cluster-prepare.adoc | 2 +- ...t-accessing-vm-secondary-network-fqdn.adoc | 2 +- ...-connecting-vm-to-default-pod-network.adoc | 2 +- .../virt-exposing-vm-with-service.adoc | 6 +- welcome/learn_more_about_openshift.adoc | 4 +- .../enabling-windows-container-workloads.adoc | 2 +- 152 files changed, 384 insertions(+), 339 deletions(-) rename networking/{configuring_ingress_cluster_traffic => advanced_networking}/_attributes (100%) rename networking/{ => advanced_networking}/associating-secondary-interfaces-metrics-to-network-attachments.adoc (100%) rename networking/{ => advanced_networking}/changing-cluster-network-mtu.adoc (85%) rename networking/{configuring_ingress_cluster_traffic => advanced_networking}/images (100%) rename networking/{configuring_ingress_cluster_traffic => advanced_networking}/modules (100%) rename networking/{metallb => advanced_networking/ptp}/_attributes (100%) rename networking/{ => advanced_networking}/ptp/about-ptp.adoc (93%) rename networking/{ => advanced_networking}/ptp/configuring-ptp.adoc (68%) rename networking/{ => advanced_networking}/ptp/images (100%) rename networking/{ => advanced_networking}/ptp/modules (100%) rename networking/{ => advanced_networking}/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc (70%) rename networking/{ => advanced_networking}/ptp/ptp-events-rest-api-reference-v2.adoc (53%) rename networking/{configuring_ingress_cluster_traffic => advanced_networking/ptp}/snippets (100%) create mode 120000 networking/advanced_networking/snippets rename networking/{ => advanced_networking}/using-sctp.adoc (100%) rename networking/{ => advanced_networking}/verifying-connectivity-endpoint.adoc (100%) rename networking/{ptp => configuring_network_settings}/_attributes (100%) rename networking/{ => configuring_network_settings}/configure-syscontrols-interface-tuning-cni.adoc (68%) rename networking/{ => configuring_network_settings}/configuring-a-custom-pki.adoc (80%) rename networking/{ => configuring_network_settings}/configuring-cluster-network-range.adoc (81%) rename networking/{ => configuring_network_settings}/configuring-ipfailover.adoc (97%) rename networking/{ => configuring_network_settings}/configuring-node-port-service-range.adoc (79%) rename networking/{ => configuring_network_settings}/enable-cluster-wide-proxy.adoc (68%) rename networking/{routes => configuring_network_settings}/images (100%) rename networking/{routes => configuring_network_settings}/modules (100%) create mode 120000 networking/configuring_network_settings/snippets rename networking/{routes => ingress_load_balancing}/_attributes (100%) create mode 120000 networking/ingress_load_balancing/configuring_ingress_cluster_traffic/_attributes rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc (100%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-externalip.adoc (70%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-patch-fields.adoc (100%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc (86%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc (80%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc (84%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc (100%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc (75%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc (61%) create mode 120000 networking/ingress_load_balancing/configuring_ingress_cluster_traffic/images rename networking/{ => ingress_load_balancing/configuring_ingress_cluster_traffic}/ingress-controller-dnsmgt.adoc (92%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc (100%) create mode 120000 networking/ingress_load_balancing/configuring_ingress_cluster_traffic/modules rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc (72%) rename networking/{ => ingress_load_balancing}/configuring_ingress_cluster_traffic/overview-traffic.adoc (70%) rename networking/{metallb => ingress_load_balancing/configuring_ingress_cluster_traffic}/snippets (100%) create mode 120000 networking/ingress_load_balancing/images rename networking/{ => ingress_load_balancing}/load-balancing-openstack.adoc (95%) create mode 120000 networking/ingress_load_balancing/metallb/_attributes rename networking/{ => ingress_load_balancing}/metallb/about-advertising-ipaddresspool.adoc (93%) rename networking/{ => ingress_load_balancing}/metallb/images (100%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-address-pools.adoc (58%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-bfd-profiles.adoc (81%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-bgp-peers.adoc (57%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-community-alias.adoc (100%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-return-traffic.adoc (82%) rename networking/{ => ingress_load_balancing}/metallb/metallb-configure-services.adoc (100%) rename networking/{ => ingress_load_balancing}/metallb/metallb-frr-k8s.adoc (100%) rename networking/{ => ingress_load_balancing}/metallb/metallb-troubleshoot-support.adoc (67%) rename networking/{ => ingress_load_balancing}/metallb/modules (100%) rename networking/{ptp => ingress_load_balancing/metallb}/snippets (100%) create mode 120000 networking/ingress_load_balancing/modules create mode 120000 networking/ingress_load_balancing/routes/_attributes create mode 120000 networking/ingress_load_balancing/routes/images create mode 120000 networking/ingress_load_balancing/routes/modules rename networking/{ => ingress_load_balancing}/routes/route-configuration.adoc (78%) rename networking/{ => ingress_load_balancing}/routes/secured-routes.adoc (92%) rename networking/{ => ingress_load_balancing}/routes/snippets (100%) create mode 120000 networking/ingress_load_balancing/snippets create mode 120000 networking/networking_overview/_attributes rename networking/{ => networking_overview}/about-managed-networking.adoc (79%) rename networking/{ => networking_overview}/accessing-hosts.adoc (100%) rename networking/{ => networking_overview}/cidr-range-definitions.adoc (90%) create mode 120000 networking/networking_overview/images create mode 120000 networking/networking_overview/modules rename networking/{ => networking_overview}/networking-dashboards.adoc (90%) create mode 120000 networking/networking_overview/snippets rename networking/{ => networking_overview}/understanding-networking.adoc (96%) diff --git a/_attributes/_attributes b/_attributes/_attributes index bf7c2529fd..20cc1dcb77 120000 --- a/_attributes/_attributes +++ b/_attributes/_attributes @@ -1 +1 @@ -../../../_attributes/ \ No newline at end of file +../../_attributes/ \ No newline at end of file diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index b83cfc75ea..9ac58a6c52 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -1383,12 +1383,18 @@ Name: Networking Dir: networking Distros: openshift-enterprise,openshift-origin Topics: -- Name: Understanding networking - File: understanding-networking -- Name: Accessing hosts - File: accessing-hosts -- Name: Networking dashboards - File: networking-dashboards +- Name: Networking overview + Dir: networking_overview + Distros: openshift-enterprise,openshift-origin + Topics: + - Name: Understanding networking + File: understanding-networking + - Name: Accessing hosts + File: accessing-hosts + - Name: Networking dashboards + File: networking-dashboards + - Name: CIDR range definitions + File: cidr-range-definitions - Name: Networking Operators Dir: networking_operators Distros: openshift-enterprise,openshift-origin @@ -1543,37 +1549,6 @@ Topics: File: configuring-ipsec-ovn - Name: Zero trust networking File: zero-trust-networking -- Name: Configuring the Ingress Controller for manual DNS management - File: ingress-controller-dnsmgt - Distros: openshift-enterprise,openshift-origin -- Name: Verifying connectivity to an endpoint - File: verifying-connectivity-endpoint -- Name: Changing the cluster network MTU - File: changing-cluster-network-mtu -- Name: Configuring the node port service range - File: configuring-node-port-service-range -- Name: Configuring the cluster network IP address range - File: configuring-cluster-network-range -- Name: Configuring IP failover - File: configuring-ipfailover -- Name: Configuring system controls and interface attributes using the tuning plugin - File: configure-syscontrols-interface-tuning-cni -- Name: Using Stream Control Transmission Protocol - File: using-sctp - Distros: openshift-enterprise,openshift-origin -- Name: Using PTP hardware - Dir: ptp - Topics: - - Name: About PTP in OpenShift cluster nodes - File: about-ptp - - Name: Configuring PTP devices - File: configuring-ptp - - Name: Developing PTP events consumer applications with the REST API v2 - File: ptp-cloud-events-consumer-dev-reference-v2 - - Name: PTP events REST API v2 reference - File: ptp-events-rest-api-reference-v2 -- Name: CIDR range definitions - File: cidr-range-definitions - Name: Multiple networks Dir: multiple_networks Distros: openshift-enterprise,openshift-origin @@ -1679,52 +1654,112 @@ Topics: File: tracking-network-flows - Name: Configuring hybrid networking File: configuring-hybrid-networking -- Name: Configuring Routes - Dir: routes +- Name: Ingress and load balancing + Dir: ingress_load_balancing + Distros: openshift-enterprise,openshift-origin Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes -- Name: Configuring ingress cluster traffic - Dir: configuring_ingress_cluster_traffic + - Name: Configuring Routes + Dir: routes + Distros: openshift-enterprise,openshift-origin + Topics: + - Name: Route configuration + File: route-configuration + - Name: Secured routes + File: secured-routes + - Name: Configuring ingress cluster traffic + Dir: configuring_ingress_cluster_traffic + Distros: openshift-enterprise,openshift-origin + Topics: + - Name: Overview + File: overview-traffic + - Name: Configuring ExternalIPs for services + File: configuring-externalip + - Name: Configuring ingress cluster traffic using an Ingress Controller + File: configuring-ingress-cluster-traffic-ingress-controller + - Name: Configuring the Ingress Controller endpoint publishing strategy + File: nw-configuring-ingress-controller-endpoint-publishing-strategy + - Name: Configuring ingress cluster traffic using a load balancer + File: configuring-ingress-cluster-traffic-load-balancer + - Name: Configuring ingress cluster traffic on AWS + File: configuring-ingress-cluster-traffic-aws + - Name: Configuring ingress cluster traffic using a service external IP + File: configuring-ingress-cluster-traffic-service-external-ip + - Name: Configuring ingress cluster traffic using a NodePort + File: configuring-ingress-cluster-traffic-nodeport + - Name: Configuring ingress cluster traffic using load balancer allowed source ranges + File: configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges + - Name: Patching existing ingress objects + File: configuring-ingress-cluster-patch-fields + - Name: Allocating load balancers to specific subnets + File: allocating-load-balancers + - Name: Configuring the Ingress Controller for manual DNS management + File: ingress-controller-dnsmgt + - Name: Gateway API with OpenShift Container Platform networking + File: ingress-gateway-api + - Name: Load balancing on OpenStack + File: load-balancing-openstack + - Name: Load balancing with MetalLB + Dir: metallb + Distros: openshift-enterprise,openshift-origin + Topics: + - Name: Configuring MetalLB address pools + File: metallb-configure-address-pools + - Name: Advertising the IP address pools + File: about-advertising-ipaddresspool + - Name: Configuring MetalLB BGP peers + File: metallb-configure-bgp-peers + - Name: Advertising an IP address pool using the community alias + File: metallb-configure-community-alias + - Name: Configuring MetalLB BFD profiles + File: metallb-configure-bfd-profiles + - Name: Configuring services to use MetalLB + File: metallb-configure-services + - Name: Managing symmetric routing with MetalLB + File: metallb-configure-return-traffic + - Name: Configuring the integration of MetalLB and FRR-K8s + File: metallb-frr-k8s + - Name: MetalLB logging, troubleshooting, and support + File: metallb-troubleshoot-support +- Name: Configuring network settings + Dir: configuring_network_settings + Distros: openshift-enterprise,openshift-origin Topics: - - Name: Overview - File: overview-traffic + - Name: Configuring system controls and interface attributes using the tuning plugin + File: configure-syscontrols-interface-tuning-cni + - Name: Configuring the node port service range + File: configuring-node-port-service-range + - Name: Configuring the cluster network IP address range + File: configuring-cluster-network-range + - Name: Configuring IP failover + File: configuring-ipfailover + - Name: Configuring the cluster-wide proxy + File: enable-cluster-wide-proxy + - Name: Configuring a custom PKI + File: configuring-a-custom-pki +- Name: Advanced networking + Dir: advanced_networking + Distros: openshift-enterprise, openshift-origin + Topics: + - Name: Verifying connectivity to an endpoint + File: verifying-connectivity-endpoint + - Name: Changing the cluster network MTU + File: changing-cluster-network-mtu + - Name: Using Stream Control Transmission Protocol + File: using-sctp + - Name: Associating secondary interfaces metrics to network attachments + File: associating-secondary-interfaces-metrics-to-network-attachments + - Name: Using PTP hardware + Dir: ptp Distros: openshift-enterprise,openshift-origin - - Name: Configuring ExternalIPs for services - File: configuring-externalip - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic using an Ingress Controller - File: configuring-ingress-cluster-traffic-ingress-controller - - Name: Configuring the Ingress Controller endpoint publishing strategy - File: nw-configuring-ingress-controller-endpoint-publishing-strategy - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic using a load balancer - File: configuring-ingress-cluster-traffic-load-balancer - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic on AWS - File: configuring-ingress-cluster-traffic-aws - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic using a service external IP - File: configuring-ingress-cluster-traffic-service-external-ip - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic using a NodePort - File: configuring-ingress-cluster-traffic-nodeport - Distros: openshift-enterprise,openshift-origin - - Name: Configuring ingress cluster traffic using load balancer allowed source ranges - File: configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges - Distros: openshift-enterprise,openshift-origin - - Name: Patching existing ingress objects - File: configuring-ingress-cluster-patch-fields - Distros: openshift-enterprise,openshift-origin - - Name: Allocating load balancers to specific subnets - File: allocating-load-balancers - Distros: openshift-enterprise,openshift-origin - - Name: Gateway API with OpenShift Container Platform networking - File: ingress-gateway-api - Distros: openshift-enterprise - # Kubernetes NMState (TECHNOLOGY PREVIEW) + Topics: + - Name: About PTP in OpenShift cluster nodes + File: about-ptp + - Name: Configuring PTP devices + File: configuring-ptp + - Name: Developing PTP events consumer applications with the REST API v2 + File: ptp-cloud-events-consumer-dev-reference-v2 + - Name: PTP events REST API v2 reference + File: ptp-events-rest-api-reference-v2 - Name: Kubernetes NMState Dir: k8s_nmstate Topics: @@ -1732,37 +1767,6 @@ Topics: File: k8s-nmstate-updating-node-network-config - Name: Troubleshooting node network configuration File: k8s-nmstate-troubleshooting-node-network -- Name: Configuring the cluster-wide proxy - File: enable-cluster-wide-proxy - Distros: openshift-enterprise,openshift-origin -- Name: Configuring a custom PKI - File: configuring-a-custom-pki - Distros: openshift-enterprise,openshift-origin -- Name: Load balancing on OpenStack - File: load-balancing-openstack -- Name: Load balancing with MetalLB - Dir: metallb - Topics: - - Name: Configuring MetalLB address pools - File: metallb-configure-address-pools - - Name: Advertising the IP address pools - File: about-advertising-ipaddresspool - - Name: Configuring MetalLB BGP peers - File: metallb-configure-bgp-peers - - Name: Advertising an IP address pool using the community alias - File: metallb-configure-community-alias - - Name: Configuring MetalLB BFD profiles - File: metallb-configure-bfd-profiles - - Name: Configuring services to use MetalLB - File: metallb-configure-services - - Name: Managing symmetric routing with MetalLB - File: metallb-configure-return-traffic - - Name: Configuring the integration of MetalLB and FRR-K8s - File: metallb-frr-k8s - - Name: MetalLB logging, troubleshooting, and support - File: metallb-troubleshoot-support -- Name: Associating secondary interfaces metrics to network attachments - File: associating-secondary-interfaces-metrics-to-network-attachments --- Name: Storage Dir: storage diff --git a/_topic_maps/_topic_map_osd.yml b/_topic_maps/_topic_map_osd.yml index 43169d32e5..41bc1bf665 100644 --- a/_topic_maps/_topic_map_osd.yml +++ b/_topic_maps/_topic_map_osd.yml @@ -734,8 +734,13 @@ Name: Networking Dir: networking Distros: openshift-dedicated Topics: -- Name: About networking - File: about-managed-networking +- Name: Networking overview + Dir: networking_overview + Topics: + - Name: About networking + File: about-managed-networking + - Name: CIDR range definitions + File: cidr-range-definitions - Name: Networking Operators Dir: networking_operators Distros: openshift-dedicated @@ -748,8 +753,6 @@ Topics: File: network-verification - Name: Configuring a cluster-wide proxy during installation File: configuring-cluster-wide-proxy -- Name: CIDR range definitions - File: cidr-range-definitions - Name: Network security Dir: network_security Distros: openshift-dedicated @@ -784,13 +787,17 @@ Topics: Topics: - Name: Enabling multicast for a project File: enabling-multicast -- Name: Configuring Routes - Dir: routes +- Name: Ingress and load balancing + Dir: ingress_load_balancing + Distros: openshift-dedicated Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Configuring Routes + Dir: routes + Topics: + - Name: Route configuration + File: route-configuration + - Name: Secured routes + File: secured-routes --- Name: Building applications Dir: applications diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml index 350d5cd97f..7dd58e7026 100644 --- a/_topic_maps/_topic_map_rosa.yml +++ b/_topic_maps/_topic_map_rosa.yml @@ -981,8 +981,14 @@ Name: Networking Dir: networking Distros: openshift-rosa Topics: -- Name: About networking - File: about-managed-networking +- Name: Networking overview + Dir: networking_overview + Distros: openshift-rosa + Topics: + - Name: About networking + File: about-managed-networking + - Name: CIDR range definitions + File: cidr-range-definitions - Name: Networking Operators Dir: networking_operators Distros: openshift-rosa @@ -999,8 +1005,6 @@ Topics: File: network-verification - Name: Configuring a cluster-wide proxy during installation File: configuring-cluster-wide-proxy -- Name: CIDR range definitions - File: cidr-range-definitions - Name: Network security Dir: network_security Distros: openshift-rosa @@ -1049,13 +1053,18 @@ Topics: Topics: - Name: Enabling multicast for a project File: enabling-multicast -- Name: Configuring Routes - Dir: routes +- Name: Ingress and load balancing + Dir: ingress_load_balancing + Distros: openshift-rosa Topics: - - Name: Route configuration - File: route-configuration - - Name: Secured routes - File: secured-routes + - Name: Configuring Routes + Dir: routes + Distros: openshift-rosa + Topics: + - Name: Route configuration + File: route-configuration + - Name: Secured routes + File: secured-routes --- Name: Building applications Dir: applications diff --git a/_unused_topics/migrate-from-openshift-sdn.adoc b/_unused_topics/migrate-from-openshift-sdn.adoc index cee1a31540..b6fc6f3412 100644 --- a/_unused_topics/migrate-from-openshift-sdn.adoc +++ b/_unused_topics/migrate-from-openshift-sdn.adoc @@ -37,9 +37,9 @@ include::modules/live-migration-metrics-information.adoc[leveloffset=+3] * xref:../../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy] -* xref:../../networking/changing-cluster-network-mtu.adoc#nw-cluster-mtu-change_changing-cluster-network-mtu[Changing the cluster MTU] +* xref:../../networking/advanced_networking/changing-cluster-network-mtu.adoc#nw-cluster-mtu-change_changing-cluster-network-mtu[Changing the cluster MTU] -* xref:../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] +* xref:../../networking/advanced_networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] * xref:../../networking/network_security/network_policy/about-network-policy.adoc#nw-networkpolicy-optimize-ovn_about-network-policy[About network policy] * OVN-Kubernetes capabilities diff --git a/applications/deployments/route-based-deployment-strategies.adoc b/applications/deployments/route-based-deployment-strategies.adoc index 95ae73f43f..430db58f6b 100644 --- a/applications/deployments/route-based-deployment-strategies.adoc +++ b/applications/deployments/route-based-deployment-strategies.adoc @@ -35,10 +35,10 @@ include::modules/deployments-ab-testing.adoc[leveloffset=+1] include::modules/deployments-ab-testing-lb.adoc[leveloffset=+2] ifndef::openshift-rosa-hcp[] -// Remove conditionals when Networking content is in ROSA HCP +// Remove conditionals when Networking content is in ROSA HCP [role="_additional-resources"] [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. +* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. endif::[] diff --git a/architecture/index.adoc b/architecture/index.adoc index 36175df944..91801f3d31 100644 --- a/architecture/index.adoc +++ b/architecture/index.adoc @@ -20,7 +20,7 @@ include::modules/openshift-architecture-common-terms.adoc[leveloffset=+1] // Topic not included in the OSD/ROSA docs ifndef::openshift-dedicated,openshift-rosa[] -* For more information on networking, see xref:../networking/understanding-networking.adoc#understanding-networking[{product-title} networking]. +* For more information on networking, see xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[{product-title} networking]. endif::openshift-dedicated,openshift-rosa[] * For more information on storage, see xref:../storage/index.adoc#index[{product-title} storage]. * For more information on authentication, see xref:../authentication/index.adoc#index[{product-title} authentication]. diff --git a/backup_and_restore/control_plane_backup_and_restore/disaster_recovery/scenario-2-restoring-cluster-state.adoc b/backup_and_restore/control_plane_backup_and_restore/disaster_recovery/scenario-2-restoring-cluster-state.adoc index f16d43ff75..b148928916 100644 --- a/backup_and_restore/control_plane_backup_and_restore/disaster_recovery/scenario-2-restoring-cluster-state.adoc +++ b/backup_and_restore/control_plane_backup_and_restore/disaster_recovery/scenario-2-restoring-cluster-state.adoc @@ -32,7 +32,7 @@ include::modules/manually-restoring-cluster-etcd-backup.adoc[leveloffset=+1] * xref:../../../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installing-bare-metal[Installing a user-provisioned cluster on bare metal] -* xref:../../../networking/accessing-hosts.adoc#accessing-hosts[Creating a bastion host to access {product-title} instances and the control plane nodes with SSH] +* xref:../../../networking/networking_overview/accessing-hosts.adoc#accessing-hosts[Creating a bastion host to access {product-title} instances and the control plane nodes with SSH] * xref:../../../installing/installing_bare_metal/bare-metal-expanding-the-cluster.adoc#replacing-a-bare-metal-control-plane-node_bare-metal-expanding[Replacing a bare-metal control plane node] diff --git a/cicd/builds/setting-up-trusted-ca.adoc b/cicd/builds/setting-up-trusted-ca.adoc index de6612efd9..44d97c5b21 100644 --- a/cicd/builds/setting-up-trusted-ca.adoc +++ b/cicd/builds/setting-up-trusted-ca.adoc @@ -30,6 +30,6 @@ include::modules/configmap-adding-ca.adoc[leveloffset=+1] * link:https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#create-a-configmap[Create a `ConfigMap`] * link:https://kubectl.docs.kubernetes.io/guides/config_management/secrets_configmaps/[Secrets and `ConfigMaps`] ifndef::openshift-rosa,openshift-dedicated[] -* xref:../../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] +* xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] endif::[] endif::[] diff --git a/cicd/pipelines/creating-applications-with-cicd-pipelines.adoc b/cicd/pipelines/creating-applications-with-cicd-pipelines.adoc index 817f094f93..18458e05cd 100644 --- a/cicd/pipelines/creating-applications-with-cicd-pipelines.adoc +++ b/cicd/pipelines/creating-applications-with-cicd-pipelines.adoc @@ -86,4 +86,4 @@ include::modules/op-validating-pull-requests-using-GitHub-interceptors.adoc[leve * For more examples of reusable tasks, see the link:https://github.com/openshift/pipelines-catalog[OpenShift Catalog] repository. Additionally, you can also see the Tekton Catalog in the Tekton project. * To install and deploy a custom instance of Tekton Hub for reusable tasks and pipelines, see xref:../../cicd/pipelines/using-tekton-hub-with-openshift-pipelines.adoc#using-tekton-hub-with-openshift-pipelines[Using {tekton-hub} with {pipelines-title}]. * For more details on re-encrypt TLS termination, see link:https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#re-encryption-termination[Re-encryption Termination]. -* For more details on secured routes, see the xref:../../networking/routes/secured-routes.adoc#secured-routes[Secured routes] section. +* For more details on secured routes, see the xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#secured-routes[Secured routes] section. diff --git a/cicd/pipelines/understanding-openshift-pipelines.adoc b/cicd/pipelines/understanding-openshift-pipelines.adoc index 93b66781be..7d03a1129d 100644 --- a/cicd/pipelines/understanding-openshift-pipelines.adoc +++ b/cicd/pipelines/understanding-openshift-pipelines.adoc @@ -47,4 +47,4 @@ include::modules/op-about-triggers.adoc[leveloffset=+2] * For information on installing {pipelines-shortname}, see xref:../../cicd/pipelines/installing-pipelines.adoc#installing-pipelines[Installing {pipelines-shortname}]. * For more details on creating custom CI/CD solutions, see xref:../../cicd/pipelines/creating-applications-with-cicd-pipelines.adoc#creating-applications-with-cicd-pipelines[Creating CI/CD solutions for applications using {pipelines-shortname}]. * For more details on re-encrypt TLS termination, see link:https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#re-encryption-termination[Re-encryption Termination]. -* For more details on secured routes, see the xref:../../networking/routes/secured-routes.adoc#secured-routes[Secured routes] section. +* For more details on secured routes, see the xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#secured-routes[Secured routes] section. diff --git a/cicd/pipelines/using-pipelines-as-code.adoc b/cicd/pipelines/using-pipelines-as-code.adoc index 3c37b05c3c..0e5512b26c 100644 --- a/cicd/pipelines/using-pipelines-as-code.adoc +++ b/cicd/pipelines/using-pipelines-as-code.adoc @@ -86,7 +86,7 @@ include::modules/op-interfacing-pipelines-as-code-with-custom-certificates.adoc[ .Additional resources -* xref:../../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object[Enabling the cluster-wide proxy] +* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object[Enabling the cluster-wide proxy] include::modules/op-using-repository-crd-with-pipelines-as-code.adoc[leveloffset=+1] diff --git a/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc b/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc index e0416c26f0..573abf4f0f 100644 --- a/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc +++ b/cloud_experts_tutorials/cloud-experts-aws-load-balancer-operator.adoc @@ -23,7 +23,7 @@ include::snippets/mobb-support-statement.adoc[leveloffset=+1] ifndef::openshift-rosa-hcp[] [TIP] ==== -Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../networking/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. +Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../networking/ingress_load_balancing/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. ==== endif::openshift-rosa-hcp[] ifdef::openshift-rosa-hcp[] diff --git a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc index 14f4a83a5e..a1c4c61804 100644 --- a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc +++ b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-openshift-concepts.adoc @@ -66,7 +66,7 @@ Similar to the Kubernetes `Ingress` object, Red Hat created the concept of route [cols="1,1,1"] |=== -|Feature | Ingress on OpenShift | Route on OpenShift +|Feature | Ingress on OpenShift | Route on OpenShift |Standard Kubernetes object | **X** @@ -97,23 +97,23 @@ Similar to the Kubernetes `Ingress` object, Red Hat created the concept of route | **X** |TLS re-encryption for improved security -| +| | **X** |TLS passhtrough for improved security -| +| | **X** |Multiple weighted backends (split traffic) -| +| | **X** |Generated pattern-based hostnames -| +| | **X** |Wildcard domains -| +| | **X** |=== @@ -122,12 +122,12 @@ Similar to the Kubernetes `Ingress` object, Red Hat created the concept of route DNS resolution for a hostname is handled separately from routing. Your administrator might have configured a cloud domain that will always correctly resolve to the router or modify your unrelated hostname DNS records independently to resolve to the router. ==== -An individual route can override some defaults by providing specific configurations in its annotations. +An individual route can override some defaults by providing specific configurations in its annotations. [role="_additional-resources"] .Additional resources -* xref:../../networking/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations] +* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations] [id="cloud-experts-getting-started-openshift-concepts-imagestreams"] == Image streams @@ -135,7 +135,7 @@ An image stream stores a mapping of tags to images, metadata overrides that are [id="cloud-experts-getting-started-openshift-concepts-imagestreams-benefits"] === Image stream benefits -Using an image stream makes it easier to change a tag for a container image. Otherwise, to manually change a tag, you must download the image, change it locally, then push it all back. Promoting applications by manually changing a tag and then updating the deployment object entails many steps. +Using an image stream makes it easier to change a tag for a container image. Otherwise, to manually change a tag, you must download the image, change it locally, then push it all back. Promoting applications by manually changing a tag and then updating the deployment object entails many steps. With image streams, you upload a container image once and then you manage its virtual tags internally in OpenShift. In one project you might use the developer tag and only change a reference to it internally, while in production you might use a production tag and also manage it internally. You do not have to deal with the registry. diff --git a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-what-is-rosa.adoc b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-what-is-rosa.adoc index 56ec7b9cc0..6366908b52 100644 --- a/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-what-is-rosa.adoc +++ b/cloud_experts_tutorials/cloud-experts-getting-started/cloud-experts-getting-started-what-is-rosa.adoc @@ -151,7 +151,7 @@ OpenShift includes the CSI driver for AWS EFS. For more information, see xref:.. == Using a VPC At installation you can select to deploy to an existing VPC or bring your own VPC. You can then select the required subnets and provide a valid CIDR range that encompasses the subnets for the installation program when using those subnets. -ROSA allows multiple clusters to share the same VPC. The number of clusters on one VPC is limited by the remaining AWS resource quota and CIDR ranges that cannot overlap. See xref:../../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR Range Definitions] for more information. +ROSA allows multiple clusters to share the same VPC. The number of clusters on one VPC is limited by the remaining AWS resource quota and CIDR ranges that cannot overlap. See xref:../../networking/networking_overview/cidr-range-definitions.adoc#cidr-range-definitions[CIDR Range Definitions] for more information. == Network plugin ROSA uses the OpenShift OVN-Kubernetes default CNI network provider. diff --git a/disconnected/updating/disconnected-update-osus.adoc b/disconnected/updating/disconnected-update-osus.adoc index 7706348a27..e66608c81a 100644 --- a/disconnected/updating/disconnected-update-osus.adoc +++ b/disconnected/updating/disconnected-update-osus.adoc @@ -112,7 +112,7 @@ include::modules/update-service-configure-cvo.adoc[leveloffset=+1] [NOTE] ==== -See xref:../../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] to configure the CA to trust the update server. +See xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] to configure the CA to trust the update server. ==== [id="next-steps_updating-disconnected-cluster-osus_{context}"] diff --git a/etcd/etcd-backup-restore/etcd-disaster-recovery.adoc b/etcd/etcd-backup-restore/etcd-disaster-recovery.adoc index 937ef2a2c7..c8f19bf9d0 100644 --- a/etcd/etcd-backup-restore/etcd-disaster-recovery.adoc +++ b/etcd/etcd-backup-restore/etcd-disaster-recovery.adoc @@ -65,7 +65,7 @@ include::modules/manually-restoring-cluster-etcd-backup.adoc[leveloffset=+2] .Additional resources * xref:../../backup_and_restore/control_plane_backup_and_restore/backing-up-etcd.adoc#backing-up-etcd-data_backup-etcd[Backing up etcd data] * xref:../../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installing-bare-metal[Installing a user-provisioned cluster on bare metal] -* xref:../../networking/accessing-hosts.adoc#accessing-hosts-on-aws_accessing-hosts[Accessing hosts on Amazon Web Services in an installer-provisioned infrastructure cluster] +* xref:../../networking/networking_overview/accessing-hosts.adoc#accessing-hosts-on-aws_accessing-hosts[Accessing hosts on Amazon Web Services in an installer-provisioned infrastructure cluster] * xref:../../installing/installing_bare_metal/bare-metal-expanding-the-cluster.adoc#replacing-a-bare-metal-control-plane-node_bare-metal-expanding[Replacing a bare-metal control plane node] include::modules/dr-scenario-cluster-state-issues.adoc[leveloffset=+2] diff --git a/hosted_control_planes/hcp-deploy/hcp-deploy-bm.adoc b/hosted_control_planes/hcp-deploy/hcp-deploy-bm.adoc index f64f8d3b15..7b0bab735c 100644 --- a/hosted_control_planes/hcp-deploy/hcp-deploy-bm.adoc +++ b/hosted_control_planes/hcp-deploy/hcp-deploy-bm.adoc @@ -33,7 +33,7 @@ include::modules/hcp-bm-firewall-port-svc-reqs.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] +* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] include::modules/hcp-bm-infra-reqs.adoc[leveloffset=+2] diff --git a/hosted_control_planes/hcp-networking.adoc b/hosted_control_planes/hcp-networking.adoc index 91ca93ca8a..f4e420c1e9 100644 --- a/hosted_control_planes/hcp-networking.adoc +++ b/hosted_control_planes/hcp-networking.adoc @@ -25,4 +25,4 @@ include::modules/hcp-proxy-addl-network.adoc[leveloffset=+1] [id="additional-resources_{context}"] == Additional resources -* xref:../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] \ No newline at end of file +* xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] \ No newline at end of file diff --git a/hosted_control_planes/hcp-prepare/hcp-requirements.adoc b/hosted_control_planes/hcp-prepare/hcp-requirements.adoc index 4162f14bd1..b78b84e11b 100644 --- a/hosted_control_planes/hcp-prepare/hcp-requirements.adoc +++ b/hosted_control_planes/hcp-prepare/hcp-requirements.adoc @@ -14,7 +14,7 @@ The following requirements apply to {hcp}: * In order to run the HyperShift Operator, your management cluster needs at least three worker nodes. -* You can run both the management cluster and the worker nodes on-premise, such as on a bare-metal platform or on {VirtProductName}. In addition, you can run both the management cluster and the worker nodes on cloud infrastructure, such as {aws-first}. +* You can run both the management cluster and the worker nodes on-premise, such as on a bare-metal platform or on {VirtProductName}. In addition, you can run both the management cluster and the worker nodes on cloud infrastructure, such as {aws-first}. * If you use a mixed infrastructure, such as running the management cluster on {aws-short} and your worker nodes on-premise, or running your worker nodes on {aws-short} and your management cluster on-premise, you must use the `PublicAndPrivate` publishing strategy and follow the latency requirements in the support matrix. @@ -34,4 +34,4 @@ include::modules/hcp-cidr-ranges.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] +* xref:../../networking/networking_overview/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] diff --git a/installing/installing_aws/ipi/installing-aws-localzone.adoc b/installing/installing_aws/ipi/installing-aws-localzone.adoc index 29556c3c21..c176cb3db7 100644 --- a/installing/installing_aws/ipi/installing-aws-localzone.adoc +++ b/installing/installing_aws/ipi/installing-aws-localzone.adoc @@ -61,11 +61,11 @@ include::modules/edge-machine-pools-aws-local-zones.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] -* xref:../../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] +* xref:../../../networking/advanced_networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] +* xref:../../../networking/advanced_networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] * xref:../../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] * xref:../../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] -* xref:../../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding_configuring-ingress-cluster-traffic-ingress-controller[Ingress Controller sharding] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding_configuring-ingress-cluster-traffic-ingress-controller[Ingress Controller sharding] [id="installation-prereqs-aws-local-zone_{context}"] == Installation prerequisites diff --git a/installing/installing_aws/ipi/installing-aws-network-customizations.adoc b/installing/installing_aws/ipi/installing-aws-network-customizations.adoc index c147d5d76c..7e5a16cc35 100644 --- a/installing/installing_aws/ipi/installing-aws-network-customizations.adoc +++ b/installing/installing_aws/ipi/installing-aws-network-customizations.adoc @@ -102,7 +102,7 @@ include::modules/nw-modifying-operator-install-config.adoc[leveloffset=+1] [NOTE] ==== -For more information on using a Network Load Balancer (NLB) on AWS, see xref:../../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc#nw-configuring-ingress-cluster-traffic-aws-network-load-balancer_configuring-ingress-cluster-traffic-aws[Configuring Ingress cluster traffic on AWS using a Network Load Balancer]. +For more information on using a Network Load Balancer (NLB) on AWS, see xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc#nw-configuring-ingress-cluster-traffic-aws-network-load-balancer_configuring-ingress-cluster-traffic-aws[Configuring Ingress cluster traffic on AWS using a Network Load Balancer]. ==== include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+1] diff --git a/installing/installing_aws/ipi/installing-aws-outposts.adoc b/installing/installing_aws/ipi/installing-aws-outposts.adoc index cae0d040a7..b2b8dd79a2 100644 --- a/installing/installing_aws/ipi/installing-aws-outposts.adoc +++ b/installing/installing_aws/ipi/installing-aws-outposts.adoc @@ -44,7 +44,7 @@ To extend your VPC cluster into an Outpost, you must complete the following netw include::modules/nw-cluster-mtu-change.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../../networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] +* xref:../../../networking/advanced_networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] //Creating subnets for AWS edge compute services include::modules/installation-creating-aws-vpc-subnets-edge.adoc[leveloffset=+2] diff --git a/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc b/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc index c646c3402b..f5c78542d2 100644 --- a/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc +++ b/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc @@ -77,11 +77,11 @@ include::modules/edge-machine-pools-aws-local-zones.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] -* xref:../../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] +* xref:../../../networking/advanced_networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] +* xref:../../../networking/advanced_networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] * xref:../../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] * xref:../../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] -* xref:../../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding_configuring-ingress-cluster-traffic-ingress-controller[Ingress Controller sharding] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding_configuring-ingress-cluster-traffic-ingress-controller[Ingress Controller sharding] [id="installation-prereqs-aws-wavelength-zone_{context}"] == Installation prerequisites diff --git a/installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc b/installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc index b16c9f44ff..5a271590f9 100644 --- a/installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc +++ b/installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc @@ -24,7 +24,7 @@ In {product-title} version {product-version}, you can choose one of the followin ** You configured the firewall to xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[grant access] to the sites that {product-title} requires. This includes the use of Telemetry. * If your Nutanix environment is using the default self-signed SSL certificate, replace it with a certificate that is signed by a CA. The installation program requires a valid CA-signed certificate to access to the Prism Central API. For more information about replacing the self-signed certificate, see the https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_1:mul-security-ssl-certificate-pc-t.html[Nutanix AOS Security Guide]. + -If your Nutanix environment uses an internal CA to issue certificates, you must configure a cluster-wide proxy as part of the installation process. For more information, see xref:../../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI]. +If your Nutanix environment uses an internal CA to issue certificates, you must configure a cluster-wide proxy as part of the installation process. For more information, see xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI]. + [IMPORTANT] ==== diff --git a/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc b/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc index f191ef388a..d9047445af 100644 --- a/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc +++ b/installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc @@ -17,7 +17,7 @@ In {product-title} {product-version}, you can install a cluster on Nutanix infra ** You configured the firewall to xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[grant access] to the sites that {product-title} requires. This includes the use of Telemetry. * If your Nutanix environment is using the default self-signed SSL/TLS certificate, replace it with a certificate that is signed by a CA. The installation program requires a valid CA-signed certificate to access to the Prism Central API. For more information about replacing the self-signed certificate, see the https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_1:mul-security-ssl-certificate-pc-t.html[Nutanix AOS Security Guide]. + -If your Nutanix environment uses an internal CA to issue certificates, you must configure a cluster-wide proxy as part of the installation process. For more information, see xref:../../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI]. +If your Nutanix environment uses an internal CA to issue certificates, you must configure a cluster-wide proxy as part of the installation process. For more information, see xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI]. + [IMPORTANT] ==== diff --git a/installing/installing_openstack/installing-openstack-installer-custom.adoc b/installing/installing_openstack/installing-openstack-installer-custom.adoc index e3f0948fa9..d62e9d5759 100644 --- a/installing/installing_openstack/installing-openstack-installer-custom.adoc +++ b/installing/installing_openstack/installing-openstack-installer-custom.adoc @@ -89,5 +89,5 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] * xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If you need to enable external access to node ports, xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. +* If you need to enable external access to node ports, xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. * If you did not configure {rh-openstack} to accept application traffic over floating IP addresses, xref:../../installing/installing_openstack/installing-openstack-network-config.adoc#installation-osp-configuring-api-floating-ip_installing-openstack-network-config[configure {rh-openstack} access with floating IP addresses]. diff --git a/installing/installing_openstack/installing-openstack-installer-ovs-dpdk.adoc b/installing/installing_openstack/installing-openstack-installer-ovs-dpdk.adoc index cb722fe6f8..2a3a981a38 100644 --- a/installing/installing_openstack/installing-openstack-installer-ovs-dpdk.adoc +++ b/installing/installing_openstack/installing-openstack-installer-ovs-dpdk.adoc @@ -84,5 +84,5 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] * xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If you need to enable external access to node ports, xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. +* If you need to enable external access to node ports, xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. * If you did not configure {rh-openstack} to accept application traffic over floating IP addresses, xref:../../installing/installing_openstack/installing-openstack-network-config.adoc#installation-osp-configuring-api-floating-ip_installing-openstack-network-config[configure {rh-openstack} access with floating IP addresses]. diff --git a/installing/installing_openstack/installing-openstack-user-sr-iov.adoc b/installing/installing_openstack/installing-openstack-user-sr-iov.adoc index af3863364c..514e156d2a 100644 --- a/installing/installing_openstack/installing-openstack-user-sr-iov.adoc +++ b/installing/installing_openstack/installing-openstack-user-sr-iov.adoc @@ -100,5 +100,5 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] * xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If you need to enable external access to node ports, xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. +* If you need to enable external access to node ports, xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. * If you did not configure {rh-openstack} to accept application traffic over floating IP addresses, xref:../../installing/installing_openstack/installing-openstack-network-config.adoc#installation-osp-configuring-api-floating-ip_installing-openstack-network-config[configure {rh-openstack} access with floating IP addresses]. diff --git a/installing/installing_openstack/installing-openstack-user.adoc b/installing/installing_openstack/installing-openstack-user.adoc index 6d30809b54..9ae6268a3e 100644 --- a/installing/installing_openstack/installing-openstack-user.adoc +++ b/installing/installing_openstack/installing-openstack-user.adoc @@ -86,5 +86,5 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] * xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If you need to enable external access to node ports, xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. +* If you need to enable external access to node ports, xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#nw-using-nodeport_configuring-ingress-cluster-traffic-nodeport[configure ingress cluster traffic by using a node port]. * If you did not configure {rh-openstack} to accept application traffic over floating IP addresses, xref:../../installing/installing_openstack/installing-openstack-network-config.adoc#installation-osp-configuring-api-floating-ip_installing-openstack-network-config[configure {rh-openstack} access with floating IP addresses]. diff --git a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.adoc b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.adoc index f2e6d0cac3..37defc642f 100644 --- a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.adoc +++ b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.adoc @@ -30,7 +30,7 @@ include::modules/private-clusters-setting-api-private.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../../networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] //Selecting a larger Amazon Web Services instance type for control plane machines include::modules/cpms-changing-aws-instance-type.adoc[leveloffset=+2] diff --git a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc index 82b8ed2a06..95111a4a12 100644 --- a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc +++ b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc @@ -28,7 +28,7 @@ You can enable features by updating values in the control plane machine set. include::modules/private-clusters-setting-api-private.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../../networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] //Using the Azure Marketplace offering include::modules/installation-azure-marketplace-subscribe.adoc[leveloffset=+2] diff --git a/machine_management/manually-scaling-machineset.adoc b/machine_management/manually-scaling-machineset.adoc index f71f052a91..16fba4cd63 100644 --- a/machine_management/manually-scaling-machineset.adoc +++ b/machine_management/manually-scaling-machineset.adoc @@ -15,7 +15,7 @@ If you need to modify aspects of a compute machine set outside of scaling, see x == Prerequisites -* If you enabled the cluster-wide proxy and scale up compute machines not included in `networking.machineNetwork[].cidr` from the installation configuration, you must xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[add the compute machines to the Proxy object's `noProxy` field] to prevent connection issues. +* If you enabled the cluster-wide proxy and scale up compute machines not included in `networking.machineNetwork[].cidr` from the installation configuration, you must xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[add the compute machines to the Proxy object's `noProxy` field] to prevent connection issues. include::snippets/machine-user-provisioned-limitations.adoc[leveloffset=+1] diff --git a/migrating_from_ocp_3_to_4/index.adoc b/migrating_from_ocp_3_to_4/index.adoc index 7537fd22ef..4a9ae3b120 100644 --- a/migrating_from_ocp_3_to_4/index.adoc +++ b/migrating_from_ocp_3_to_4/index.adoc @@ -14,7 +14,7 @@ Before migrating from {product-title} 3 to 4, you can check xref:../migrating_fr * xref:../architecture/architecture.adoc#architecture[Architecture] * xref:../architecture/architecture-installation.adoc#architecture-installation[Installation and update] -* xref:../storage/index.adoc#index[Storage], xref:../networking/understanding-networking.adoc#understanding-networking[network], xref:../security/index.adoc#index[security], and xref:../observability/monitoring/about-ocp-monitoring/about-ocp-monitoring.adoc#about-ocp-monitoring[monitoring considerations] +* xref:../storage/index.adoc#index[Storage], xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[network], xref:../security/index.adoc#index[security], and xref:../observability/monitoring/about-ocp-monitoring/about-ocp-monitoring.adoc#about-ocp-monitoring[monitoring considerations] [id="mtc-3-to-4-overview-planning-network-considerations-mtc"] == Planning network considerations diff --git a/migrating_from_ocp_3_to_4/installing-3-4.adoc b/migrating_from_ocp_3_to_4/installing-3-4.adoc index c4dc94bad1..fba66653a5 100644 --- a/migrating_from_ocp_3_to_4/installing-3-4.adoc +++ b/migrating_from_ocp_3_to_4/installing-3-4.adoc @@ -23,7 +23,7 @@ include::modules/migration-installing-mtc-on-ocp-4.adoc[leveloffset=+1] include::modules/migration-about-configuring-proxies.adoc[leveloffset=+1] include::modules/migration-configuring-proxies.adoc[leveloffset=+2] -For more information, see xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. +For more information, see xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. [id="configuring-replication-repository_{context}"] == Configuring a replication repository diff --git a/migrating_from_ocp_3_to_4/installing-restricted-3-4.adoc b/migrating_from_ocp_3_to_4/installing-restricted-3-4.adoc index 8486f9c3eb..e9c7ca652c 100644 --- a/migrating_from_ocp_3_to_4/installing-restricted-3-4.adoc +++ b/migrating_from_ocp_3_to_4/installing-restricted-3-4.adoc @@ -27,7 +27,7 @@ include::modules/migration-installing-legacy-operator.adoc[leveloffset=+1] include::modules/migration-about-configuring-proxies.adoc[leveloffset=+1] include::modules/migration-configuring-proxies.adoc[leveloffset=+2] -For more information, see xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. +For more information, see xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. [id="configuring-replication-repository_{context}"] == Configuring a replication repository diff --git a/migration_toolkit_for_containers/installing-mtc-restricted.adoc b/migration_toolkit_for_containers/installing-mtc-restricted.adoc index 63b6c53e1b..2761963eb1 100644 --- a/migration_toolkit_for_containers/installing-mtc-restricted.adoc +++ b/migration_toolkit_for_containers/installing-mtc-restricted.adoc @@ -35,7 +35,7 @@ include::modules/migration-installing-legacy-operator.adoc[leveloffset=+1] include::modules/migration-about-configuring-proxies.adoc[leveloffset=+1] include::modules/migration-configuring-proxies.adoc[leveloffset=+2] -For more information, see xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. +For more information, see xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. [id="migration-rsync-root-non-root_{context}"] == Running Rsync as either root or non-root diff --git a/migration_toolkit_for_containers/installing-mtc.adoc b/migration_toolkit_for_containers/installing-mtc.adoc index 954b3476c3..f5a1a78b88 100644 --- a/migration_toolkit_for_containers/installing-mtc.adoc +++ b/migration_toolkit_for_containers/installing-mtc.adoc @@ -26,7 +26,7 @@ include::modules/migration-installing-mtc-on-ocp-4.adoc[leveloffset=+1] include::modules/migration-about-configuring-proxies.adoc[leveloffset=+1] include::modules/migration-configuring-proxies.adoc[leveloffset=+2] -For more information, see xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. +For more information, see xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Configuring the cluster-wide proxy]. include::modules/ocp-running-rsync-root-or-non-root.adoc[leveloffset=+2] diff --git a/modules/rosa-hcp-sts-creating-a-cluster-cli-no-cni-plugin.adoc b/modules/rosa-hcp-sts-creating-a-cluster-cli-no-cni-plugin.adoc index f482ed1f02..86d8c7ab40 100644 --- a/modules/rosa-hcp-sts-creating-a-cluster-cli-no-cni-plugin.adoc +++ b/modules/rosa-hcp-sts-creating-a-cluster-cli-no-cni-plugin.adoc @@ -24,7 +24,7 @@ When using the {product-title} (ROSA) command-line interface (CLI), `rosa`, to c + [NOTE] ==== -When creating a {hcp-title} cluster, the default machine Classless Inter-Domain Routing (CIDR) is `10.0.0.0/16`. If this does not correspond to the CIDR range for your VPC subnets, add `--machine-cidr ` to the following commands. To learn more about the default CIDR ranges for {product-title}, see xref:../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions]. +When creating a {hcp-title} cluster, the default machine Classless Inter-Domain Routing (CIDR) is `10.0.0.0/16`. If this does not correspond to the CIDR range for your VPC subnets, add `--machine-cidr ` to the following commands. To learn more about the default CIDR ranges for {product-title}, see xref:../networking/networking_overview/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions]. ==== + ** Create a cluster with a single, initial machine pool, publicly available API, publicly available Ingress, and no CNI plugin by running the following command: @@ -60,7 +60,7 @@ $ rosa describe cluster --cluster= + [IMPORTANT] ==== -When you first log in to the cluster after it reaches `ready` status, the nodes will still be in the `not ready` state until you install your own CNI plugin. After CNI installation, the nodes will change to `ready`. +When you first log in to the cluster after it reaches `ready` status, the nodes will still be in the `not ready` state until you install your own CNI plugin. After CNI installation, the nodes will change to `ready`. ==== + The following `State` field changes are listed in the output as the cluster installation progresses: diff --git a/networking/configuring_ingress_cluster_traffic/_attributes b/networking/advanced_networking/_attributes similarity index 100% rename from networking/configuring_ingress_cluster_traffic/_attributes rename to networking/advanced_networking/_attributes diff --git a/networking/associating-secondary-interfaces-metrics-to-network-attachments.adoc b/networking/advanced_networking/associating-secondary-interfaces-metrics-to-network-attachments.adoc similarity index 100% rename from networking/associating-secondary-interfaces-metrics-to-network-attachments.adoc rename to networking/advanced_networking/associating-secondary-interfaces-metrics-to-network-attachments.adoc diff --git a/networking/changing-cluster-network-mtu.adoc b/networking/advanced_networking/changing-cluster-network-mtu.adoc similarity index 85% rename from networking/changing-cluster-network-mtu.adoc rename to networking/advanced_networking/changing-cluster-network-mtu.adoc index 3b9dba394a..3d545ff3d0 100644 --- a/networking/changing-cluster-network-mtu.adoc +++ b/networking/advanced_networking/changing-cluster-network-mtu.adoc @@ -10,12 +10,13 @@ toc::[] As a cluster administrator, you can change the MTU for the cluster network after cluster installation. This change is disruptive as cluster nodes must be rebooted to finalize the MTU change. include::modules/nw-cluster-mtu-change-about.adoc[leveloffset=+1] + include::modules/nw-cluster-mtu-change.adoc[leveloffset=+1] [role="_additional-resources"] [id="{context}-additional-resources"] == Additional resources -* xref:../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installation-user-infra-machines-advanced_network_installing-bare-metal[Using advanced networking options for PXE and ISO installations] +* xref:../../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installation-user-infra-machines-advanced_network_installing-bare-metal[Using advanced networking options for PXE and ISO installations] * link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/configuring_and_managing_networking/index#proc_manually-creating-a-networkmanager-profile-in-keyfile-format_assembly_networkmanager-connection-profiles-in-keyfile-format[Manually creating NetworkManager profiles in key file format] * link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/configuring_and_managing_networking/index#configuring-a-dynamic-ethernet-connection-using-nmcli_configuring-an-ethernet-connection[Configuring a dynamic Ethernet connection using nmcli] diff --git a/networking/configuring_ingress_cluster_traffic/images b/networking/advanced_networking/images similarity index 100% rename from networking/configuring_ingress_cluster_traffic/images rename to networking/advanced_networking/images diff --git a/networking/configuring_ingress_cluster_traffic/modules b/networking/advanced_networking/modules similarity index 100% rename from networking/configuring_ingress_cluster_traffic/modules rename to networking/advanced_networking/modules diff --git a/networking/metallb/_attributes b/networking/advanced_networking/ptp/_attributes similarity index 100% rename from networking/metallb/_attributes rename to networking/advanced_networking/ptp/_attributes diff --git a/networking/ptp/about-ptp.adoc b/networking/advanced_networking/ptp/about-ptp.adoc similarity index 93% rename from networking/ptp/about-ptp.adoc rename to networking/advanced_networking/ptp/about-ptp.adoc index a7f1083217..c3fcec5495 100644 --- a/networking/ptp/about-ptp.adoc +++ b/networking/advanced_networking/ptp/about-ptp.adoc @@ -32,7 +32,7 @@ include::modules/nw-ptp-introduction.adoc[leveloffset=+1] [IMPORTANT] ==== -Before enabling PTP, ensure that NTP is disabled for the required nodes. You can disable the chrony time service (`chronyd`) using a `MachineConfig` custom resource. For more information, see xref:../../machine_configuration/machine-configs-configure.adoc#cnf-disable-chronyd_machine-configs-configure[Disabling chrony time service]. +Before enabling PTP, ensure that NTP is disabled for the required nodes. You can disable the chrony time service (`chronyd`) using a `MachineConfig` custom resource. For more information, see xref:../../../machine_configuration/machine-configs-configure.adoc#cnf-disable-chronyd_machine-configs-configure[Disabling chrony time service]. ==== include::modules/ptp-linuxptp-introduction.adoc[leveloffset=+1] diff --git a/networking/ptp/configuring-ptp.adoc b/networking/advanced_networking/ptp/configuring-ptp.adoc similarity index 68% rename from networking/ptp/configuring-ptp.adoc rename to networking/advanced_networking/ptp/configuring-ptp.adoc index 3137b814ca..a3d9c0e05d 100644 --- a/networking/ptp/configuring-ptp.adoc +++ b/networking/advanced_networking/ptp/configuring-ptp.adoc @@ -32,7 +32,7 @@ include::modules/nw-ptp-configuring-linuxptp-services-as-grandmaster-clock-three [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] +* xref:../../../networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] include::modules/nw-ptp-grandmaster-clock-configuration-reference.adoc[leveloffset=+1] @@ -49,7 +49,7 @@ include::modules/nw-ptp-holdover-in-a-grandmaster-clock.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/configuring-ptp.adoc#nw-ptp-grandmaster-clock-class-reference_configuring-ptp[Grandmaster clock class sync state reference] +* xref:../../../networking/advanced_networking/ptp/configuring-ptp.adoc#nw-ptp-grandmaster-clock-class-reference_configuring-ptp[Grandmaster clock class sync state reference] include::modules/ptp-configuring-dynamic-leap-seconds-handling-for-tgm.adoc[leveloffset=+1] @@ -58,9 +58,9 @@ include::modules/nw-ptp-configuring-linuxptp-services-as-boundary-clock.adoc[lev [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/configuring-ptp.adoc#cnf-configuring-fifo-priority-scheduling-for-ptp_configuring-ptp[Configuring FIFO priority scheduling for PTP hardware] +* xref:../../../networking/advanced_networking/ptp/configuring-ptp.adoc#cnf-configuring-fifo-priority-scheduling-for-ptp_configuring-ptp[Configuring FIFO priority scheduling for PTP hardware] -* xref:../../networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] +* xref:../../../networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] include::modules/ptp-configuring-linuxptp-services-as-boundary-clock-dual-nic.adoc[leveloffset=+2] @@ -71,9 +71,9 @@ include::modules/nw-ptp-configuring-linuxptp-services-as-ordinary-clock.adoc[lev [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/configuring-ptp.adoc#cnf-configuring-fifo-priority-scheduling-for-ptp_configuring-ptp[Configuring FIFO priority scheduling for PTP hardware] +* xref:../../../networking/advanced_networking/ptp/configuring-ptp.adoc#cnf-configuring-fifo-priority-scheduling-for-ptp_configuring-ptp[Configuring FIFO priority scheduling for PTP hardware] -* xref:../../networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] +* xref:../../../networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#cnf-configuring-the-ptp-fast-event-publisher-v2_ptp-consumer[Configuring the PTP fast event notifications publisher] include::modules/nw-columbiaville-ptp-config-refererence.adoc[leveloffset=+2] @@ -82,9 +82,9 @@ include::modules/nw-ptp-configuring-linuxptp-services-dual-port-oc.adoc[leveloff [role="_additional-resources"] .Additional resources -* For a complete example CR that configures `linuxptp` services as an ordinary clock with PTP fast events, see xref:../../networking/ptp/configuring-ptp.adoc#configuring-linuxptp-services-as-ordinary-clock_configuring-ptp[Configuring linuxptp services as ordinary clock]. +* For a complete example CR that configures `linuxptp` services as an ordinary clock with PTP fast events, see xref:../../../networking/advanced_networking/ptp/configuring-ptp.adoc#configuring-linuxptp-services-as-ordinary-clock_configuring-ptp[Configuring linuxptp services as ordinary clock]. -* xref:../../networking/ptp/about-ptp.adoc#ptp-dual-ports-oc_about-ptp[Using dual-port NICs to improve redundancy for PTP ordinary clocks] +* xref:../../../networking/advanced_networking/ptp/about-ptp.adoc#ptp-dual-ports-oc_about-ptp[Using dual-port NICs to improve redundancy for PTP ordinary clocks] include::modules/cnf-configuring-fifo-priority-scheduling-for-ptp.adoc[leveloffset=+1] diff --git a/networking/ptp/images b/networking/advanced_networking/ptp/images similarity index 100% rename from networking/ptp/images rename to networking/advanced_networking/ptp/images diff --git a/networking/ptp/modules b/networking/advanced_networking/ptp/modules similarity index 100% rename from networking/ptp/modules rename to networking/advanced_networking/ptp/modules diff --git a/networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc b/networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc similarity index 70% rename from networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc rename to networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc index 5e99fc5620..9aa8afbf62 100644 --- a/networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc +++ b/networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc @@ -19,7 +19,7 @@ A complete events consumer application example is outside the scope of this info [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#ptp-events-rest-api-reference-v2[PTP events REST API v2 reference] +* xref:../../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#ptp-events-rest-api-reference-v2[PTP events REST API v2 reference] include::modules/cnf-about-ptp-fast-event-notifications-framework.adoc[leveloffset=+1] @@ -30,7 +30,7 @@ include::modules/cnf-configuring-the-ptp-fast-event-publisher.adoc[leveloffset=+ [role="_additional-resources"] .Additional resources -* For a complete example CR that configures `linuxptp` services as an ordinary clock with PTP fast events, see xref:../../networking/ptp/configuring-ptp.adoc#configuring-linuxptp-services-as-ordinary-clock_configuring-ptp[Configuring linuxptp services as ordinary clock]. +* For a complete example CR that configures `linuxptp` services as an ordinary clock with PTP fast events, see xref:../../../networking/advanced_networking/ptp/configuring-ptp.adoc#configuring-linuxptp-services-as-ordinary-clock_configuring-ptp[Configuring linuxptp services as ordinary clock]. include::modules/ptp-events-consumer-application-v2.adoc[leveloffset=+1] @@ -41,7 +41,7 @@ include::modules/ptp-subscribing-consumer-app-to-events.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions_using-ptp-hardware-fast-events-framework-v2[api/ocloudNotifications/v2/subscriptions] +* xref:../../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions_using-ptp-hardware-fast-events-framework-v2[api/ocloudNotifications/v2/subscriptions] include::modules/ptp-verifying-events-consumer-app-is-receiving-events-v2.adoc[leveloffset=+1] @@ -50,6 +50,6 @@ include::modules/cnf-monitoring-fast-events-metrics.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../observability/monitoring/accessing-metrics/accessing-metrics-as-a-developer.adoc#accessing-metrics-as-a-developer[Accessing metrics as a developer] +* xref:../../../observability/monitoring/accessing-metrics/accessing-metrics-as-a-developer.adoc#accessing-metrics-as-a-developer[Accessing metrics as a developer] include::modules/nw-ptp-operator-metrics-reference.adoc[leveloffset=+1] diff --git a/networking/ptp/ptp-events-rest-api-reference-v2.adoc b/networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc similarity index 53% rename from networking/ptp/ptp-events-rest-api-reference-v2.adoc rename to networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc index 2d73e1bc3b..2f93b8b56f 100644 --- a/networking/ptp/ptp-events-rest-api-reference-v2.adoc +++ b/networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc @@ -8,22 +8,22 @@ toc::[] Use the following REST API v2 endpoints to subscribe the `cloud-event-consumer` application to Precision Time Protocol (PTP) events posted at `\http://ptp-event-publisher-service-NODE_NAME.openshift-ptp.svc.cluster.local:9043/api/ocloudNotifications/v2` in the PTP events producer pod. -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions_{context}[`api/ocloudNotifications/v2/subscriptions`] +* xref:../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions_{context}[`api/ocloudNotifications/v2/subscriptions`] ** `POST`: Creates a new subscription ** `GET`: Retrieves a list of subscriptions ** `DELETE`: Deletes all subscriptions -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions-subscription_id_{context}[`api/ocloudNotifications/v2/subscriptions/{subscription_id}`] +* xref:../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloud-notifications-v2-subscriptions-subscription_id_{context}[`api/ocloudNotifications/v2/subscriptions/{subscription_id}`] ** `GET`: Returns details for the specified subscription ID ** `DELETE`: Deletes the subscription associated with the specified subscription ID -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloudnotifications-v2-health_{context}[`api/ocloudNotifications/v2/health`] +* xref:../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloudnotifications-v2-health_{context}[`api/ocloudNotifications/v2/health`] ** `GET`: Returns the health status of `ocloudNotifications` API -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloudnotifications-v2-publishers_{context}[`api/ocloudNotifications/v2/publishers`] +* xref:../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#api-ocloudnotifications-v2-publishers_{context}[`api/ocloudNotifications/v2/publishers`] ** `GET`: Returns a list of PTP event publishers for the cluster node -* xref:../../networking/ptp/ptp-events-rest-api-reference-v2.adoc#resource-address-current-state-v2_{context}[`api/ocloudnotifications/v2/{resource_address}/CurrentState`] +* xref:../../networking/advanced_networking/ptp/ptp-events-rest-api-reference-v2.adoc#resource-address-current-state-v2_{context}[`api/ocloudnotifications/v2/{resource_address}/CurrentState`] ** `GET`: Returns the current state of the event type specified by the `{resouce_address}`. include::modules/cnf-fast-event-notifications-api-reference-v2.adoc[leveloffset=+1] diff --git a/networking/configuring_ingress_cluster_traffic/snippets b/networking/advanced_networking/ptp/snippets similarity index 100% rename from networking/configuring_ingress_cluster_traffic/snippets rename to networking/advanced_networking/ptp/snippets diff --git a/networking/advanced_networking/snippets b/networking/advanced_networking/snippets new file mode 120000 index 0000000000..7bf6da9a51 --- /dev/null +++ b/networking/advanced_networking/snippets @@ -0,0 +1 @@ +../../snippets \ No newline at end of file diff --git a/networking/using-sctp.adoc b/networking/advanced_networking/using-sctp.adoc similarity index 100% rename from networking/using-sctp.adoc rename to networking/advanced_networking/using-sctp.adoc diff --git a/networking/verifying-connectivity-endpoint.adoc b/networking/advanced_networking/verifying-connectivity-endpoint.adoc similarity index 100% rename from networking/verifying-connectivity-endpoint.adoc rename to networking/advanced_networking/verifying-connectivity-endpoint.adoc diff --git a/networking/configuring-cluster-wide-proxy.adoc b/networking/configuring-cluster-wide-proxy.adoc index 2d3eb02242..7ffe860305 100644 --- a/networking/configuring-cluster-wide-proxy.adoc +++ b/networking/configuring-cluster-wide-proxy.adoc @@ -54,6 +54,7 @@ ifdef::openshift-rosa[] You can configure an HTTP or HTTPS proxy when you install a {product-title} (ROSA) cluster into an existing Virtual Private Cloud (VPC). You can configure the proxy during installation by using {cluster-manager-first} or the ROSA CLI (`rosa`). include::modules/configuring-a-proxy-during-installation-ocm.adoc[leveloffset=+2] + include::modules/configuring-a-proxy-during-installation-cli.adoc[leveloffset=+2] endif::openshift-rosa[] @@ -81,6 +82,7 @@ ifdef::openshift-rosa[] You can configure an HTTP or HTTPS proxy after you install a {product-title} (ROSA) cluster into an existing Virtual Private Cloud (VPC). You can configure the proxy after installation by using {cluster-manager-first} or the ROSA CLI (`rosa`). include::modules/configuring-a-proxy-after-installation-ocm.adoc[leveloffset=+2] + include::modules/configuring-a-proxy-after-installation-cli.adoc[leveloffset=+2] [id="removing-cluster-wide-proxy_{context}"] @@ -89,5 +91,6 @@ include::modules/configuring-a-proxy-after-installation-cli.adoc[leveloffset=+2] You can remove your cluster-wide proxy by using the ROSA CLI. After removing the cluster, you should also remove any trust bundles that are added to the cluster. include::modules/nw-rosa-proxy-remove-cli.adoc[leveloffset=+2] + include::modules/configmap-removing-ca.adoc[leveloffset=+2] endif::openshift-rosa[] \ No newline at end of file diff --git a/networking/ptp/_attributes b/networking/configuring_network_settings/_attributes similarity index 100% rename from networking/ptp/_attributes rename to networking/configuring_network_settings/_attributes diff --git a/networking/configure-syscontrols-interface-tuning-cni.adoc b/networking/configuring_network_settings/configure-syscontrols-interface-tuning-cni.adoc similarity index 68% rename from networking/configure-syscontrols-interface-tuning-cni.adoc rename to networking/configuring_network_settings/configure-syscontrols-interface-tuning-cni.adoc index 420241a199..2626300a05 100644 --- a/networking/configure-syscontrols-interface-tuning-cni.adoc +++ b/networking/configuring_network_settings/configure-syscontrols-interface-tuning-cni.adoc @@ -20,6 +20,6 @@ include::modules/nw-cfg-config-all-multi-cni.adoc[leveloffset=+1] [id="additional-resources_nodes-setting-interface-level-network-sysctls"] == Additional resources -* xref:../nodes/containers/nodes-containers-sysctls.adoc#nodes-containers-sysctls[Using sysctls in containers] -* xref:../networking/hardware_networks/configuring-sriov-device.adoc#nw-sriov-networknodepolicy-object_configuring-sriov-device[SR-IOV network node configuration object] -* xref:../networking/hardware_networks/configuring-interface-sysctl-sriov-device.adoc#configuring-interface-level-sysctl-settings-sriov-device[Configuring interface-level network sysctl settings and all-multicast mode for SR-IOV networks] +* xref:../../nodes/containers/nodes-containers-sysctls.adoc#nodes-containers-sysctls[Using sysctls in containers] +* xref:../../networking/hardware_networks/configuring-sriov-device.adoc#nw-sriov-networknodepolicy-object_configuring-sriov-device[SR-IOV network node configuration object] +* xref:../../networking/hardware_networks/configuring-interface-sysctl-sriov-device.adoc#configuring-interface-level-sysctl-settings-sriov-device[Configuring interface-level network sysctl settings and all-multicast mode for SR-IOV networks] diff --git a/networking/configuring-a-custom-pki.adoc b/networking/configuring_network_settings/configuring-a-custom-pki.adoc similarity index 80% rename from networking/configuring-a-custom-pki.adoc rename to networking/configuring_network_settings/configuring-a-custom-pki.adoc index 1c74cf5d59..1ca9ce56f9 100644 --- a/networking/configuring-a-custom-pki.adoc +++ b/networking/configuring_network_settings/configuring-a-custom-pki.adoc @@ -14,7 +14,7 @@ its privately signed CA certificates are recognized across the cluster. You can leverage the Proxy API to add cluster-wide trusted CA certificates. You must do this either during installation or at runtime. -* During _installation_, xref:../networking/configuring-a-custom-pki.adoc#installation-configure-proxy_{context}[configure the cluster-wide proxy]. You must define your +* During _installation_, xref:../networking/configuring_network_settings/configuring-a-custom-pki.adoc#installation-configure-proxy_{context}[configure the cluster-wide proxy]. You must define your privately signed CA certificates in the `install-config.yaml` file's `additionalTrustBundle` setting. + @@ -24,7 +24,7 @@ Operator then creates a `trusted-ca-bundle` ConfigMap that merges these CA certificates with the {op-system-first} trust bundle; this ConfigMap is referenced in the Proxy object's `trustedCA` field. -* At _runtime_, xref:../networking/configuring-a-custom-pki.adoc#nw-proxy-configure-object_{context}[modify the default Proxy object to include your privately signed CA certificates] (part of cluster's proxy enablement workflow). This involves +* At _runtime_, xref:../networking/configuring_network_settings/configuring-a-custom-pki.adoc#nw-proxy-configure-object_{context}[modify the default Proxy object to include your privately signed CA certificates] (part of cluster's proxy enablement workflow). This involves creating a ConfigMap that contains the privately signed CA certificates that should be trusted by the cluster, and then modifying the proxy resource with the `trustedCA` referencing the privately signed certificates' ConfigMap. diff --git a/networking/configuring-cluster-network-range.adoc b/networking/configuring_network_settings/configuring-cluster-network-range.adoc similarity index 81% rename from networking/configuring-cluster-network-range.adoc rename to networking/configuring_network_settings/configuring-cluster-network-range.adoc index 46df15e0f1..d2ffa98415 100644 --- a/networking/configuring-cluster-network-range.adoc +++ b/networking/configuring_network_settings/configuring-cluster-network-range.adoc @@ -10,7 +10,7 @@ As a cluster administrator, you can expand the cluster network range after clust For example, if you deployed a cluster and specified `10.128.0.0/19` as the cluster network range and a host prefix of `23`, you are limited to 16 nodes. You can expand that to 510 nodes by changing the CIDR mask on a cluster to `/14`. -When expanding the cluster network address range, your cluster must use the xref:../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[OVN-Kubernetes network plugin]. Other network plugins are not supported. +When expanding the cluster network address range, your cluster must use the xref:../../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[OVN-Kubernetes network plugin]. Other network plugins are not supported. The following limitations apply when modifying the cluster network IP address range: @@ -25,4 +25,4 @@ include::modules/nw-cluster-network-range-edit.adoc[leveloffset=+1] == Additional resources * link:https://access.redhat.com/labs/ocpnc/[Red Hat OpenShift Network Calculator] -* xref:../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[About the OVN-Kubernetes network plugin] +* xref:../../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[About the OVN-Kubernetes network plugin] diff --git a/networking/configuring-ipfailover.adoc b/networking/configuring_network_settings/configuring-ipfailover.adoc similarity index 97% rename from networking/configuring-ipfailover.adoc rename to networking/configuring_network_settings/configuring-ipfailover.adoc index 940ad4fb03..33fd5d00d6 100644 --- a/networking/configuring-ipfailover.adoc +++ b/networking/configuring_network_settings/configuring-ipfailover.adoc @@ -69,7 +69,7 @@ include::modules/nw-ipfailover-cluster-ha-ingress.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuration-externalip_configuring-externalip[Configuration for ExternalIP] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuration-externalip_configuring-externalip[Configuration for ExternalIP] * link:https://kubernetes.io/docs/concepts/services-networking/service/#external-ips[Kubernetes documentation on ExternalIP] diff --git a/networking/configuring-node-port-service-range.adoc b/networking/configuring_network_settings/configuring-node-port-service-range.adoc similarity index 79% rename from networking/configuring-node-port-service-range.adoc rename to networking/configuring_network_settings/configuring-node-port-service-range.adoc index 8af2b0c312..aa35474f5e 100644 --- a/networking/configuring-node-port-service-range.adoc +++ b/networking/configuring_network_settings/configuring-node-port-service-range.adoc @@ -10,7 +10,7 @@ During cluster installation, you can configure the node port range to meet the r [IMPORTANT] ==== -Before you expand a node port range, consider that Red{nbsp}Hat has not performed testing outside the default port range of `30000-32768`. For ranges outside the default port range, ensure that you test to verify the expanding node port range does not impact your cluster. If you expanded the range and a port allocation issue occurs, create a new cluster and set the required range for it. +Before you expand a node port range, consider that Red{nbsp}Hat has not performed testing outside the default port range of `30000-32768`. For ranges outside the default port range, ensure that you test to verify the expanding node port range does not impact your cluster. If you expanded the range and a port allocation issue occurs, create a new cluster and set the required range for it. ==== If you do not set a node port range during cluster installation, the default range of `30000-32768` applies to your cluster. In this situation, you can expand the range on either side, but you must preserve `30000-32768` within your new port range. @@ -28,6 +28,6 @@ include::modules/nw-nodeport-service-range-edit.adoc[leveloffset=+1] [id="configuring-node-port-service-range-additional-resources"] == Additional resources -* xref:../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configuring ingress cluster traffic using a NodePort] -* xref:../rest_api/config_apis/network-config-openshift-io-v1.adoc#network-config-openshift-io-v1[Network [config.openshift.io/v1]] -* xref:../rest_api/network_apis/service-v1.adoc#service-v1[Service [core/v1]] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configuring ingress cluster traffic using a NodePort] +* xref:../../rest_api/config_apis/network-config-openshift-io-v1.adoc#network-config-openshift-io-v1[Network [config.openshift.io/v1]] +* xref:../../rest_api/network_apis/service-v1.adoc#service-v1[Service [core/v1]] diff --git a/networking/enable-cluster-wide-proxy.adoc b/networking/configuring_network_settings/enable-cluster-wide-proxy.adoc similarity index 68% rename from networking/enable-cluster-wide-proxy.adoc rename to networking/configuring_network_settings/enable-cluster-wide-proxy.adoc index 866b038396..1582b12456 100644 --- a/networking/enable-cluster-wide-proxy.adoc +++ b/networking/configuring_network_settings/enable-cluster-wide-proxy.adoc @@ -6,9 +6,9 @@ include::_attributes/common-attributes.adoc[] toc::[] -Production environments can deny direct access to the internet and instead have an HTTP or HTTPS proxy available. You can configure {product-title} to use a proxy by xref:../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[modifying the Proxy object for existing clusters] or by configuring the proxy settings in the `install-config.yaml` file for new clusters. +Production environments can deny direct access to the internet and instead have an HTTP or HTTPS proxy available. You can configure {product-title} to use a proxy by xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[modifying the Proxy object for existing clusters] or by configuring the proxy settings in the `install-config.yaml` file for new clusters. -After you enable a cluster-wide egress proxy for your cluster on a supported platform, {op-system-first} populates the `status.noProxy` parameter with the values of the `networking.machineNetwork[].cidr`, `networking.clusterNetwork[].cidr`, and `networking.serviceNetwork[]` fields from your `install-config.yaml` file that exists on the supported platform. +After you enable a cluster-wide egress proxy for your cluster on a supported platform, {op-system-first} populates the `status.noProxy` parameter with the values of the `networking.machineNetwork[].cidr`, `networking.clusterNetwork[].cidr`, and `networking.serviceNetwork[]` fields from your `install-config.yaml` file that exists on the supported platform. [NOTE] ==== @@ -47,7 +47,7 @@ status: <1> Specify IP address blocks from which pod IP addresses are allocated. The default value is `10.128.0.0/14` with a host prefix of `/23`. <2> Specify the IP address blocks for machines. The default value is `10.0.0.0/16`. <3> Specify IP address block for services. The default value is `172.30.0.0/16`. -<4> You can find the URL of the internal API server by running the `oc get infrastructures.config.openshift.io cluster -o jsonpath='{.status.etcdDiscoveryDomain}'` command. +<4> You can find the URL of the internal API server by running the `oc get infrastructures.config.openshift.io cluster -o jsonpath='{.status.etcdDiscoveryDomain}'` command. [IMPORTANT] ==== @@ -57,7 +57,7 @@ If your installation type does not include setting the `networking.machineNetwor [id="prerequisites_cluster-wide-proxy"] == Prerequisites -Review the xref:../installing/install_config/configuring-firewall.adoc#configuring-firewall[sites that your cluster requires access to] and determine whether any of them must bypass the proxy. By default, all cluster system egress traffic is proxied, including calls to the cloud provider API for the cloud that hosts your cluster. The system-wide proxy affects system components only, not user workloads. If necessary, add sites to the `spec.noProxy` parameter of the `Proxy` object to bypass the proxy. +Review the xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[sites that your cluster requires access to] and determine whether any of them must bypass the proxy. By default, all cluster system egress traffic is proxied, including calls to the cloud provider API for the cloud that hosts your cluster. The system-wide proxy affects system components only, not user workloads. If necessary, add sites to the `spec.noProxy` parameter of the `Proxy` object to bypass the proxy. // Enabling the cluster-wide proxy include::modules/nw-proxy-configure-object.adoc[leveloffset=+1] @@ -72,7 +72,7 @@ include::modules/nw-verify-proxy-configuration.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../networking/configuring-cluster-network-range.adoc#configuring-cluster-network-range[Configuring the cluster network range] -* xref:../security/certificates/updating-ca-bundle.adoc#ca-bundle-understanding_updating-ca-bundle[Understanding the CA Bundle certificate] -* xref:../security/certificate_types_descriptions/proxy-certificates.adoc#customization[Proxy certificates] +* xref:../../networking/configuring_network_settings/configuring-cluster-network-range.adoc#configuring-cluster-network-range[Configuring the cluster network range] +* xref:../../security/certificates/updating-ca-bundle.adoc#ca-bundle-understanding_updating-ca-bundle[Understanding the CA Bundle certificate] +* xref:../../security/certificate_types_descriptions/proxy-certificates.adoc#customization[Proxy certificates] * link:https://access.redhat.com/solutions/7065528[How is the cluster-wide proxy setting applied to {product-title} nodes?] \ No newline at end of file diff --git a/networking/routes/images b/networking/configuring_network_settings/images similarity index 100% rename from networking/routes/images rename to networking/configuring_network_settings/images diff --git a/networking/routes/modules b/networking/configuring_network_settings/modules similarity index 100% rename from networking/routes/modules rename to networking/configuring_network_settings/modules diff --git a/networking/configuring_network_settings/snippets b/networking/configuring_network_settings/snippets new file mode 120000 index 0000000000..7bf6da9a51 --- /dev/null +++ b/networking/configuring_network_settings/snippets @@ -0,0 +1 @@ +../../snippets \ No newline at end of file diff --git a/networking/routes/_attributes b/networking/ingress_load_balancing/_attributes similarity index 100% rename from networking/routes/_attributes rename to networking/ingress_load_balancing/_attributes diff --git a/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/_attributes b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/_attributes new file mode 120000 index 0000000000..20cc1dcb77 --- /dev/null +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/_attributes @@ -0,0 +1 @@ +../../_attributes/ \ No newline at end of file diff --git a/networking/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc similarity index 100% rename from networking/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc diff --git a/networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc similarity index 70% rename from networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc index 75730dcf53..61fce9218f 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc @@ -20,9 +20,9 @@ include::modules/nw-externalip-about.adoc[leveloffset=+1] [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/configuring-ipfailover.adoc#configuring-ipfailover[Configuring IP failover] +* xref:../../../networking/configuring_network_settings/configuring-ipfailover.adoc#configuring-ipfailover[Configuring IP failover] -* xref:../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] +* xref:../../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] // Configuration for ExternalIP include::modules/configuration-externalip.adoc[leveloffset=+1] @@ -42,4 +42,4 @@ include::modules/nw-externalip-configuring.adoc[leveloffset=+1] [id="configuring-externalip-next-steps"] == Next steps -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc#configuring-ingress-cluster-traffic-service-external-ip[Configuring ingress cluster traffic for a service external IP] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc#configuring-ingress-cluster-traffic-service-external-ip[Configuring ingress cluster traffic for a service external IP] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-patch-fields.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-patch-fields.adoc similarity index 100% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-patch-fields.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-patch-fields.adoc diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc similarity index 86% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc index 6f91305c7a..cfd33adeb9 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc @@ -35,7 +35,7 @@ include::modules/nw-aws-nlb-existing-cluster.adoc[leveloffset=+2] [IMPORTANT] ==== -Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installation-initializing_installing-aws-network-customizations[Creating the installation configuration file] procedure. +Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installation-initializing_installing-aws-network-customizations[Creating the installation configuration file] procedure. ==== include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+2] @@ -50,6 +50,6 @@ include::modules/nw-ingress-aws-static-eip-nlb-configuration.adoc[leveloffset=+2 [id="additional-resources_configuring-ingress-cluster-traffic-aws"] == Additional resources -* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]. +* xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]. * For more information on support for NLBs, see link:https://kubernetes.io/docs/concepts/services-networking/service/#aws-nlb-support[Network Load Balancer support on AWS]. * For more information on proxy protocol support for CLBs, see link:https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html[Configure proxy protocol support for your Classic Load Balancer] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc similarity index 80% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc index f7b0979ad7..d87dc69ce2 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc @@ -77,13 +77,13 @@ include::modules/nw-ingress-sharding-route-configuration.adoc[leveloffset=+2] [id="additional-resources_ingress-sharding"] === Additional resources -* xref:../../scalability_and_performance/optimization/routing-optimization.adoc#baseline-router-performance_routing-optimization[Baseline Ingress Controller (router) performance] +* xref:../../../scalability_and_performance/optimization/routing-optimization.adoc#baseline-router-performance_routing-optimization[Baseline Ingress Controller (router) performance] -* xref:../../networking/networking_operators/ingress-operator.adoc#configuring-ingress-controller[Configuring the Ingress Controller] +* xref:../../../networking/networking_operators/ingress-operator.adoc#configuring-ingress-controller[Configuring the Ingress Controller] -* xref:../../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installing-bare-metal[Installing a cluster on bare metal] +* xref:../../../installing/installing_bare_metal/upi/installing-bare-metal.adoc#installing-bare-metal[Installing a cluster on bare metal] -* xref:../../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[Installing a cluster on vSphere] +* xref:../../../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[Installing a cluster on vSphere] -* xref:../../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy] +* xref:../../../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy] endif::openshift-enterprise,openshift-webscale,openshift-origin[] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc similarity index 84% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc index d6728f32b4..f02aea1f89 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer-allowed-source-ranges.adoc @@ -9,8 +9,9 @@ toc::[] You can specify a list of IP address ranges for the `IngressController`. This restricts access to the load balancer service when the `endpointPublishingStrategy` is `LoadBalancerService`. include::modules/nw-configuring-lb-allowed-source-ranges.adoc[leveloffset=+1] + include::modules/nw-configuring-lb-allowed-source-ranges-migration.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../../updating/understanding_updates/intro-to-updates.adoc#understanding-openshift-updates[Introduction to OpenShift updates] +* xref:../../../updating/understanding_updates/intro-to-updates.adoc#understanding-openshift-updates[Introduction to OpenShift updates] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc similarity index 100% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc similarity index 75% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc index 478d57fbf0..9b4e24dcb6 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc @@ -38,7 +38,7 @@ procedure assumes that the external system is on the same subnet as the cluster. The additional networking required for external systems on a different subnet is out-of-scope for this topic. -// Creating a project and service +// Creating a project and service include::modules/nw-creating-project-and-service.adoc[leveloffset=+1] // Exposing the service by creating a route @@ -48,6 +48,6 @@ include::modules/nw-exposing-service.adoc[leveloffset=+1] [id="configuring-ingress-cluster-traffic-nodeport-additional-resources"] == Additional resources -* xref:../../networking/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] +* xref:../../../networking/configuring_network_settings/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] -* xref:../../networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingress-controller-nodeportservice-projects_nw-configuring-ingress-controller-endpoint-publishing-strategy[Adding a single NodePort service to an Ingress Controller] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingress-controller-nodeportservice-projects_nw-configuring-ingress-controller-endpoint-publishing-strategy[Adding a single NodePort service to an Ingress Controller] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc similarity index 61% rename from networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc index 9a28ed6760..fa9fc121f2 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc @@ -6,14 +6,14 @@ include::_attributes/common-attributes.adoc[] toc::[] -You can use either a MetalLB implementation or an IP failover deployment to attach an ExternalIP resource to a service so that the service is available to traffic outside your {product-title} cluster. Hosting an external IP address in this way is only applicable for a cluster installed on bare-metal hardware. +You can use either a MetalLB implementation or an IP failover deployment to attach an ExternalIP resource to a service so that the service is available to traffic outside your {product-title} cluster. Hosting an external IP address in this way is only applicable for a cluster installed on bare-metal hardware. You must ensure that you correctly configure the external network infrastructure to route traffic to the service. [id="configuring-ingress-cluster-traffic-service-external-ip-prerequisites"] == Prerequisites -* Your cluster is configured with ExternalIPs enabled. For more information, read xref:../../networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuring-externalip[Configuring ExternalIPs for services]. +* Your cluster is configured with ExternalIPs enabled. For more information, read xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuring-externalip[Configuring ExternalIPs for services]. + [NOTE] ==== @@ -26,8 +26,8 @@ include::modules/nw-service-externalip-create.adoc[leveloffset=+1] [id="configuring-ingress-cluster-traffic-service-external-ip-additional-resources"] == Additional resources -* xref:../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] +* xref:../../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] -* xref:../../networking/configuring-ipfailover.adoc#configuring-ipfailover[Configuring IP failover] +* xref:../../../networking/configuring_network_settings/configuring-ipfailover.adoc#configuring-ipfailover[Configuring IP failover] -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuring-externalip[Configuring ExternalIPs for services] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-externalip.adoc#configuring-externalip[Configuring ExternalIPs for services] diff --git a/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/images b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/images new file mode 120000 index 0000000000..847b03ed05 --- /dev/null +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/images @@ -0,0 +1 @@ +../../images/ \ No newline at end of file diff --git a/networking/ingress-controller-dnsmgt.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-controller-dnsmgt.adoc similarity index 92% rename from networking/ingress-controller-dnsmgt.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-controller-dnsmgt.adoc index c83891075d..8607cf9f42 100644 --- a/networking/ingress-controller-dnsmgt.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-controller-dnsmgt.adoc @@ -36,4 +36,4 @@ include::modules/modifying-an-existing-ingress-controller.adoc[leveloffset=+1] [role="_additional-resources"] [id="configuring-ingress-controller-dns-management-additional-resources"] == Additional resources -* xref:../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] +* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] diff --git a/networking/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc similarity index 100% rename from networking/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc diff --git a/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/modules b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/modules new file mode 120000 index 0000000000..36719b9de7 --- /dev/null +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/modules @@ -0,0 +1 @@ +../../modules/ \ No newline at end of file diff --git a/networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc similarity index 72% rename from networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc index e478de3c40..552ff7d025 100644 --- a/networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc @@ -30,8 +30,8 @@ include::modules/nw-ingress-controller-nodeportservice-projects.adoc[leveloffset [role="_additional-resources"] == Additional resources -* xref:../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] +* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] -* xref:../../installing/installing_openstack/installing-openstack-installer-custom.adoc#installation-osp-setting-cloud-provider-options_installing-openstack-installer-custom[Setting {rh-openstack} Cloud Controller Manager options] +* xref:../../../installing/installing_openstack/installing-openstack-installer-custom.adoc#installation-osp-setting-cloud-provider-options_installing-openstack-installer-custom[Setting {rh-openstack} Cloud Controller Manager options] -* xref:../../installing/installing_platform_agnostic/installing-platform-agnostic.html#installation-dns-user-infra_installing-platform-agnostic[User-provisioned DNS requirements] +* xref:../../../installing/installing_platform_agnostic/installing-platform-agnostic.adoc#installation-dns-user-infra_installing-platform-agnostic[User-provisioned DNS requirements] \ No newline at end of file diff --git a/networking/configuring_ingress_cluster_traffic/overview-traffic.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/overview-traffic.adoc similarity index 70% rename from networking/configuring_ingress_cluster_traffic/overview-traffic.adoc rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/overview-traffic.adoc index f595345403..f12fe8540d 100644 --- a/networking/configuring_ingress_cluster_traffic/overview-traffic.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/overview-traffic.adoc @@ -22,21 +22,21 @@ with the SNI header, use an Ingress Controller. |Method |Purpose -|xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#configuring-ingress-cluster-traffic-ingress-controller[Use an Ingress Controller] +|xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#configuring-ingress-cluster-traffic-ingress-controller[Use an Ingress Controller] |Allows access to HTTP/HTTPS traffic and TLS-encrypted protocols other than HTTPS (for example, TLS with the SNI header). -|xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Automatically assign an external IP using a load balancer service] +|xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Automatically assign an external IP using a load balancer service] |Allows traffic to non-standard ports through an IP address assigned from a pool. Most cloud platforms offer a method to start a service with a load-balancer IP address. -|xref:../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] +|xref:../../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator] |Allows traffic to a specific IP address or address from a pool on the machine network. For bare-metal installations or platforms that are like bare metal, MetalLB provides a way to start a service with a load-balancer IP address. -|xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc#configuring-ingress-cluster-traffic-service-external-ip[Manually assign an external IP to a service] +|xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-service-external-ip.adoc#configuring-ingress-cluster-traffic-service-external-ip[Manually assign an external IP to a service] |Allows traffic to non-standard ports through a specific IP address. -|xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configure a `NodePort`] +|xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configure a `NodePort`] |Expose a service on all nodes in the cluster. |=== diff --git a/networking/metallb/snippets b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/snippets similarity index 100% rename from networking/metallb/snippets rename to networking/ingress_load_balancing/configuring_ingress_cluster_traffic/snippets diff --git a/networking/ingress_load_balancing/images b/networking/ingress_load_balancing/images new file mode 120000 index 0000000000..847b03ed05 --- /dev/null +++ b/networking/ingress_load_balancing/images @@ -0,0 +1 @@ +../../images/ \ No newline at end of file diff --git a/networking/load-balancing-openstack.adoc b/networking/ingress_load_balancing/load-balancing-openstack.adoc similarity index 95% rename from networking/load-balancing-openstack.adoc rename to networking/ingress_load_balancing/load-balancing-openstack.adoc index b642026720..496eef5a5b 100644 --- a/networking/load-balancing-openstack.adoc +++ b/networking/ingress_load_balancing/load-balancing-openstack.adoc @@ -6,9 +6,13 @@ include::_attributes/common-attributes.adoc[] toc::[] +//limitations of OSP loadbalancer include::modules/nw-osp-loadbalancer-limitations.adoc[leveloffset=+1] + include::modules/nw-osp-loadbalancer-etp-local.adoc[leveloffset=+2] + include::modules/installation-osp-api-octavia.adoc[leveloffset=+1] + include::modules/installation-osp-api-scaling.adoc[leveloffset=+2] // Services for a user-managed load balancer diff --git a/networking/ingress_load_balancing/metallb/_attributes b/networking/ingress_load_balancing/metallb/_attributes new file mode 120000 index 0000000000..20cc1dcb77 --- /dev/null +++ b/networking/ingress_load_balancing/metallb/_attributes @@ -0,0 +1 @@ +../../_attributes/ \ No newline at end of file diff --git a/networking/metallb/about-advertising-ipaddresspool.adoc b/networking/ingress_load_balancing/metallb/about-advertising-ipaddresspool.adoc similarity index 93% rename from networking/metallb/about-advertising-ipaddresspool.adoc rename to networking/ingress_load_balancing/metallb/about-advertising-ipaddresspool.adoc index 431b612af0..f7c5aa012f 100644 --- a/networking/metallb/about-advertising-ipaddresspool.adoc +++ b/networking/ingress_load_balancing/metallb/about-advertising-ipaddresspool.adoc @@ -50,4 +50,4 @@ include::modules/nw-metallb-configure-secondary-interface.adoc[leveloffset=+1] [id="additional-resources_about-advertiseipaddress"] == Additional resources -* xref:../../networking/metallb/metallb-configure-community-alias.adoc#metallb-configure-community-alias[Configuring a community alias]. +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-community-alias.adoc#metallb-configure-community-alias[Configuring a community alias]. diff --git a/networking/metallb/images b/networking/ingress_load_balancing/metallb/images similarity index 100% rename from networking/metallb/images rename to networking/ingress_load_balancing/metallb/images diff --git a/networking/metallb/metallb-configure-address-pools.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-address-pools.adoc similarity index 58% rename from networking/metallb/metallb-configure-address-pools.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-address-pools.adoc index ae0002b0bd..ce24944694 100644 --- a/networking/metallb/metallb-configure-address-pools.adoc +++ b/networking/ingress_load_balancing/metallb/metallb-configure-address-pools.adoc @@ -8,7 +8,7 @@ toc::[] As a cluster administrator, you can add, modify, and delete address pools. The MetalLB Operator uses the address pool custom resources to set the IP addresses that MetalLB can assign to services. The namespace used in the examples assume the namespace is `metallb-system`. -For more information about how to install the MetalLB Operator, see xref:../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator]. +For more information about how to install the MetalLB Operator, see xref:../../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb[About MetalLB and the MetalLB Operator]. // Address pool custom resource include::modules/nw-metallb-addresspool-cr.adoc[leveloffset=+1] @@ -25,8 +25,8 @@ include::modules/nw-metallb-example-addresspool.adoc[leveloffset=+1] [id="next-steps_{context}"] == Next steps -* xref:../../networking/metallb/about-advertising-ipaddresspool.adoc#nw-metallb-configure-with-L2-advertisement-label_about-advertising-ip-address-pool[Configuring MetalLB with an L2 advertisement and label] +* xref:../../../networking/ingress_load_balancing/metallb/about-advertising-ipaddresspool.adoc#nw-metallb-configure-with-L2-advertisement-label_about-advertising-ip-address-pool[Configuring MetalLB with an L2 advertisement and label] -* xref:../../networking/metallb/metallb-configure-bgp-peers.adoc#metallb-configure-bgp-peers[Configuring MetalLB BGP peers] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc#metallb-configure-bgp-peers[Configuring MetalLB BGP peers] -* xref:../../networking/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] diff --git a/networking/metallb/metallb-configure-bfd-profiles.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-bfd-profiles.adoc similarity index 81% rename from networking/metallb/metallb-configure-bfd-profiles.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-bfd-profiles.adoc index 6df0c5d1ea..3a9dd57ab8 100644 --- a/networking/metallb/metallb-configure-bfd-profiles.adoc +++ b/networking/ingress_load_balancing/metallb/metallb-configure-bfd-profiles.adoc @@ -18,4 +18,4 @@ include::modules/nw-metallb-configure-bfdprofle.adoc[leveloffset=+1] [id="next-steps_{context}"] == Next steps -* xref:../../networking/metallb/metallb-configure-bgp-peers.adoc#metallb-configure-bgp-peers[Configure a BGP peer] to use the BFD profile. +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc#metallb-configure-bgp-peers[Configure a BGP peer] to use the BFD profile. diff --git a/networking/metallb/metallb-configure-bgp-peers.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc similarity index 57% rename from networking/metallb/metallb-configure-bgp-peers.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc index 0a43312fa4..c2686e02ae 100644 --- a/networking/metallb/metallb-configure-bgp-peers.adoc +++ b/networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc @@ -29,13 +29,13 @@ include::modules/nw-metallb-configure-vrf-bgppeer.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] +* xref:../../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] -* xref:../../networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc#virt-example-host-vrf_k8s-nmstate-updating-node-network-config[Example: Network interface with a VRF instance node network configuration policy] +* xref:../../../networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc#virt-example-host-vrf_k8s-nmstate-updating-node-network-config[Example: Network interface with a VRF instance node network configuration policy] -* xref:../../networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc#configuring-egress-traffic-loadbalancer-services[Configuring an egress service] +* xref:../../../networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc#configuring-egress-traffic-loadbalancer-services[Configuring an egress service] -* xref:../../networking/metallb/metallb-configure-return-traffic.adoc#metallb-configure-return-traffic[Managing symmetric routing with MetalLB] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-return-traffic.adoc#metallb-configure-return-traffic[Managing symmetric routing with MetalLB] // Examples include::modules/nw-metallb-example-bgppeer.adoc[leveloffset=+1] @@ -43,4 +43,4 @@ include::modules/nw-metallb-example-bgppeer.adoc[leveloffset=+1] [id="next-steps_{context}"] == Next steps -* xref:../../networking/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] diff --git a/networking/metallb/metallb-configure-community-alias.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-community-alias.adoc similarity index 100% rename from networking/metallb/metallb-configure-community-alias.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-community-alias.adoc diff --git a/networking/metallb/metallb-configure-return-traffic.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-return-traffic.adoc similarity index 82% rename from networking/metallb/metallb-configure-return-traffic.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-return-traffic.adoc index 498480b74e..014ec85758 100644 --- a/networking/metallb/metallb-configure-return-traffic.adoc +++ b/networking/ingress_load_balancing/metallb/metallb-configure-return-traffic.adoc @@ -55,10 +55,10 @@ include::modules/nw-metallb-configure-return-traffic-proc.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] +* xref:../../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] -* xref:../../networking/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] -* xref:../../networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc#virt-example-host-vrf_k8s-nmstate-updating-node-network-config[Example: Network interface with a VRF instance node network configuration policy] +* xref:../../../networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc#virt-example-host-vrf_k8s-nmstate-updating-node-network-config[Example: Network interface with a VRF instance node network configuration policy] -* xref:../../networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc#configuring-egress-traffic-loadbalancer-services[Configuring an egress service] +* xref:../../../networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc#configuring-egress-traffic-loadbalancer-services[Configuring an egress service] diff --git a/networking/metallb/metallb-configure-services.adoc b/networking/ingress_load_balancing/metallb/metallb-configure-services.adoc similarity index 100% rename from networking/metallb/metallb-configure-services.adoc rename to networking/ingress_load_balancing/metallb/metallb-configure-services.adoc diff --git a/networking/metallb/metallb-frr-k8s.adoc b/networking/ingress_load_balancing/metallb/metallb-frr-k8s.adoc similarity index 100% rename from networking/metallb/metallb-frr-k8s.adoc rename to networking/ingress_load_balancing/metallb/metallb-frr-k8s.adoc diff --git a/networking/metallb/metallb-troubleshoot-support.adoc b/networking/ingress_load_balancing/metallb/metallb-troubleshoot-support.adoc similarity index 67% rename from networking/metallb/metallb-troubleshoot-support.adoc rename to networking/ingress_load_balancing/metallb/metallb-troubleshoot-support.adoc index a16d895d1e..69f0fd60a5 100644 --- a/networking/metallb/metallb-troubleshoot-support.adoc +++ b/networking/ingress_load_balancing/metallb/metallb-troubleshoot-support.adoc @@ -25,11 +25,11 @@ include::modules/nw-metallb-metrics.adoc[leveloffset=+1] .Additional resources -* See xref:../../observability/monitoring/accessing-metrics/accessing-metrics-as-an-administrator.adoc#querying-metrics-for-all-projects-with-mon-dashboard_accessing-metrics-as-an-administrator[Querying metrics for all projects with the monitoring dashboard] for information about using the monitoring dashboard. +* See xref:../../../observability/monitoring/accessing-metrics/accessing-metrics-as-an-administrator.adoc#querying-metrics-for-all-projects-with-mon-dashboard_accessing-metrics-as-an-administrator[Querying metrics for all projects with the monitoring dashboard] for information about using the monitoring dashboard. // Collecting data include::modules/nw-metallb-collecting-data.adoc[leveloffset=+1] .Additional resources -* xref:../../support/gathering-cluster-data.adoc#gathering-cluster-data[Gathering data about your cluster] +* xref:../../../support/gathering-cluster-data.adoc#gathering-cluster-data[Gathering data about your cluster] diff --git a/networking/metallb/modules b/networking/ingress_load_balancing/metallb/modules similarity index 100% rename from networking/metallb/modules rename to networking/ingress_load_balancing/metallb/modules diff --git a/networking/ptp/snippets b/networking/ingress_load_balancing/metallb/snippets similarity index 100% rename from networking/ptp/snippets rename to networking/ingress_load_balancing/metallb/snippets diff --git a/networking/ingress_load_balancing/modules b/networking/ingress_load_balancing/modules new file mode 120000 index 0000000000..36719b9de7 --- /dev/null +++ b/networking/ingress_load_balancing/modules @@ -0,0 +1 @@ +../../modules/ \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/_attributes b/networking/ingress_load_balancing/routes/_attributes new file mode 120000 index 0000000000..20cc1dcb77 --- /dev/null +++ b/networking/ingress_load_balancing/routes/_attributes @@ -0,0 +1 @@ +../../_attributes/ \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/images b/networking/ingress_load_balancing/routes/images new file mode 120000 index 0000000000..847b03ed05 --- /dev/null +++ b/networking/ingress_load_balancing/routes/images @@ -0,0 +1 @@ +../../images/ \ No newline at end of file diff --git a/networking/ingress_load_balancing/routes/modules b/networking/ingress_load_balancing/routes/modules new file mode 120000 index 0000000000..36719b9de7 --- /dev/null +++ b/networking/ingress_load_balancing/routes/modules @@ -0,0 +1 @@ +../../modules/ \ No newline at end of file diff --git a/networking/routes/route-configuration.adoc b/networking/ingress_load_balancing/routes/route-configuration.adoc similarity index 78% rename from networking/routes/route-configuration.adoc rename to networking/ingress_load_balancing/routes/route-configuration.adoc index 991f129446..e203b46b9f 100644 --- a/networking/routes/route-configuration.adoc +++ b/networking/ingress_load_balancing/routes/route-configuration.adoc @@ -29,7 +29,7 @@ include::modules/nw-enabling-hsts-per-route.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../networking/networking_operators/ingress-operator.adoc#nw-http2-haproxy_configuring-ingress[Enabling HTTP/2 Ingress connectivity] +* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-http2-haproxy_configuring-ingress[Enabling HTTP/2 Ingress connectivity] //Disabling HTTP strict transport security per-route include::modules/nw-disabling-hsts.adoc[leveloffset=+2] @@ -44,9 +44,9 @@ include::modules/nw-throughput-troubleshoot.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../nodes/edge/nodes-edge-remote-workers.adoc#nodes-edge-remote-workers-latency[Latency spikes or temporary reduction in throughput to remote workers] +* xref:../../../nodes/edge/nodes-edge-remote-workers.adoc#nodes-edge-remote-workers-latency[Latency spikes or temporary reduction in throughput to remote workers] -* xref:../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration +* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] endif::[] @@ -80,4 +80,4 @@ endif::openshift-rosa,openshift-dedicated[] [role="_additional-resources"] .Additional resources -* xref:../../networking/networking_operators/ingress-operator.adoc#nw-ingress-configuring-application-domain_configuring-ingress[Specifying an alternative cluster domain using the appsDomain option] +* xref:../../../networking/networking_operators/ingress-operator.adoc#nw-ingress-configuring-application-domain_configuring-ingress[Specifying an alternative cluster domain using the appsDomain option] diff --git a/networking/routes/secured-routes.adoc b/networking/ingress_load_balancing/routes/secured-routes.adoc similarity index 92% rename from networking/routes/secured-routes.adoc rename to networking/ingress_load_balancing/routes/secured-routes.adoc index 7bd896457f..bd5bfe77f4 100644 --- a/networking/routes/secured-routes.adoc +++ b/networking/ingress_load_balancing/routes/secured-routes.adoc @@ -31,4 +31,4 @@ include::modules/nw-ingress-route-secret-load-external-cert.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* For troubleshooting routes with externally managed certificates, check the {product-title} router pod logs for errors, see xref:../../support/troubleshooting/investigating-pod-issues.adoc[Investigating pod issues]. \ No newline at end of file +* For troubleshooting routes with externally managed certificates, check the {product-title} router pod logs for errors, see xref:../../../support/troubleshooting/investigating-pod-issues.adoc#investigating-pod-issues[Investigating pod issues]. \ No newline at end of file diff --git a/networking/routes/snippets b/networking/ingress_load_balancing/routes/snippets similarity index 100% rename from networking/routes/snippets rename to networking/ingress_load_balancing/routes/snippets diff --git a/networking/ingress_load_balancing/snippets b/networking/ingress_load_balancing/snippets new file mode 120000 index 0000000000..7bf6da9a51 --- /dev/null +++ b/networking/ingress_load_balancing/snippets @@ -0,0 +1 @@ +../../snippets \ No newline at end of file diff --git a/networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc b/networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc index e13220e8c6..231ce01940 100644 --- a/networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc +++ b/networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc @@ -107,7 +107,7 @@ include::modules/virt-example-host-vrf.adoc[leveloffset=+2] .Additional resources * xref:../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] -* xref:../../networking/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] +* xref:../../networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] // Creating an InfiniBand interface on nodes include::modules/virt-creating-infiniband-interface-on-nodes.adoc[leveloffset=+1] diff --git a/networking/network_security/configuring-ipsec-ovn.adoc b/networking/network_security/configuring-ipsec-ovn.adoc index 41a80a3486..7c37738e43 100644 --- a/networking/network_security/configuring-ipsec-ovn.adoc +++ b/networking/network_security/configuring-ipsec-ovn.adoc @@ -16,8 +16,8 @@ Upgrading your cluster to {product-title} {product-version} when the `libreswan` To combine the CNO and MCO updates into a single node reboot, complete the following tasks: -* Before upgrading your cluster, set the `paused` parameter to `true` in the `MachineConfigPools` custom resource (CR) that groups compute nodes. -* After you upgrade your cluster, set the parameter to `false`. +* Before upgrading your cluster, set the `paused` parameter to `true` in the `MachineConfigPools` custom resource (CR) that groups compute nodes. +* After you upgrade your cluster, set the parameter to `false`. For more information, see xref:../../updating/updating_a_cluster/control-plane-only-update.adoc#control-plane-only-update[Performing a Control Plane Only update]. ==== @@ -91,8 +91,8 @@ include::modules/nw-ovn-ipsec-disable.adoc[leveloffset=+1] [id="{context}_additional-resources"] == Additional resources -* link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/securing_networks/configuring-a-vpn-with-ipsec_securing-networks#libreswan-as-an-ipsec-vpn-implementation_configuring-a-vpn-with-ipsec[Configuring a VPN with IPsec] in {op-system-base-full} 9 +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/html/configuring_and_managing_networking/setting-up-an-ipsec-vpn[Configuring a VPN with IPsec] in {op-system-base-full} 10 * xref:../../installing/install_config/installing-customizing.adoc#installation-special-config-butane-install_installing-customizing[Installing Butane] * xref:../../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[About the OVN-Kubernetes Container Network Interface (CNI) network plugin] -* xref:../../networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] -* xref:../../rest_api/operator_apis/network-operator-openshift-io-v1.adoc#network-operator-openshift-io-v1[Network [operator.openshift.io/v1\] API +* xref:../../networking/advanced_networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] +* xref:../../rest_api/operator_apis/network-operator-openshift-io-v1.adoc#network-operator-openshift-io-v1[Network [operator.openshift.io/v1\]]API diff --git a/networking/networking_operators/aws-load-balancer-operator.adoc b/networking/networking_operators/aws-load-balancer-operator.adoc index 5fe77cdd55..05b45079e9 100644 --- a/networking/networking_operators/aws-load-balancer-operator.adoc +++ b/networking/networking_operators/aws-load-balancer-operator.adoc @@ -10,7 +10,7 @@ The AWS Load Balancer Operator is an Operator supported by Red{nbsp}Hat that use [TIP] ==== -Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../../networking/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. +Load Balancers created by the AWS Load Balancer Operator cannot be used for xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#route-configuration[OpenShift Routes], and should only be used for individual services or ingress resources that do not need the full layer 7 capabilities of an OpenShift Route. ==== The link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/[AWS Load Balancer Controller] manages AWS Elastic Load Balancers for a {product-title} (ROSA) cluster. The controller provisions link:https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html[AWS Application Load Balancers (ALB)] when you create Kubernetes Ingress resources and link:https://docs.aws.amazon.com/elasticloadbalancing/latest/network/introduction.html[AWS Network Load Balancers (NLB)] when implementing Kubernetes Service resources with a type of LoadBalancer. diff --git a/networking/networking_operators/aws_load_balancer_operator/configure-egress-proxy-aws-load-balancer-operator.adoc b/networking/networking_operators/aws_load_balancer_operator/configure-egress-proxy-aws-load-balancer-operator.adoc index 277253e25e..4e789fd31d 100644 --- a/networking/networking_operators/aws_load_balancer_operator/configure-egress-proxy-aws-load-balancer-operator.adoc +++ b/networking/networking_operators/aws_load_balancer_operator/configure-egress-proxy-aws-load-balancer-operator.adoc @@ -13,4 +13,4 @@ include::modules/configuring-egress-proxy.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../../../networking/configuring-a-custom-pki.adoc#certificate-injection-using-operators_configuring-a-custom-pki[Certificate injection using Operators] +* xref:../../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#certificate-injection-using-operators_configuring-a-custom-pki[Certificate injection using Operators] diff --git a/networking/networking_operators/aws_load_balancer_operator/configuring-aws-load-balancer-operator.adoc b/networking/networking_operators/aws_load_balancer_operator/configuring-aws-load-balancer-operator.adoc index 8ba9ed7417..f0aedeba02 100644 --- a/networking/networking_operators/aws_load_balancer_operator/configuring-aws-load-balancer-operator.adoc +++ b/networking/networking_operators/aws_load_balancer_operator/configuring-aws-load-balancer-operator.adoc @@ -11,7 +11,7 @@ include::modules/configuring-egress-proxy.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../../networking/configuring-a-custom-pki.adoc#certificate-injection-using-operators_configuring-a-custom-pki[Certificate injection using Operators] +* xref:../../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#certificate-injection-using-operators_configuring-a-custom-pki[Certificate injection using Operators] include::modules/adding-tls-termination.adoc[leveloffset=+1] diff --git a/networking/networking_operators/cluster-network-operator.adoc b/networking/networking_operators/cluster-network-operator.adoc index 6db590236d..6d585c096d 100644 --- a/networking/networking_operators/cluster-network-operator.adoc +++ b/networking/networking_operators/cluster-network-operator.adoc @@ -24,6 +24,6 @@ include::modules/nw-operator-cr.adoc[leveloffset=+1] [id="cluster-network-operator-additional-resources"] == Additional resources * xref:../../rest_api/operator_apis/network-operator-openshift-io-v1.adoc#network-operator-openshift-io-v1[`Network` API in the `operator.openshift.io` API group] -* xref:../../networking/configuring-cluster-network-range.adoc#nw-cluster-network-range-edit_configuring-cluster-network-range[Expanding the cluster network IP address range] +* xref:../../networking/configuring_network_settings/configuring-cluster-network-range.adoc#nw-cluster-network-range-edit_configuring-cluster-network-range[Expanding the cluster network IP address range] * link:https://access.redhat.com/solutions/6969174[How to configure OVN to use kernel routing table] \ No newline at end of file diff --git a/networking/networking_operators/ingress-operator.adoc b/networking/networking_operators/ingress-operator.adoc index 8badd69a5f..569a59ffb0 100644 --- a/networking/networking_operators/ingress-operator.adoc +++ b/networking/networking_operators/ingress-operator.adoc @@ -135,5 +135,5 @@ ifndef::openshift-rosa,openshift-dedicated[] [role="_additional-resources"] == Additional resources -* xref:../../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] +* xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] endif::openshift-rosa,openshift-dedicated[] \ No newline at end of file diff --git a/networking/networking_operators/metallb-operator/about-metallb.adoc b/networking/networking_operators/metallb-operator/about-metallb.adoc index 8fd3de52d8..75e2831d26 100644 --- a/networking/networking_operators/metallb-operator/about-metallb.adoc +++ b/networking/networking_operators/metallb-operator/about-metallb.adoc @@ -43,8 +43,8 @@ include::modules/nw-metallb-bgp-limitations.adoc[leveloffset=+2] [id="additional-resources_about-metallb-and-metallb-operator"] == Additional resources -* xref:../../../networking/configuring_ingress_cluster_traffic/overview-traffic.adoc#overview-traffic-comparision_overview-traffic[Comparison: Fault tolerant access to external IP addresses] +* xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/overview-traffic.adoc#overview-traffic-comparision_overview-traffic[Comparison: Fault tolerant access to external IP addresses] -* xref:../../../networking/configuring-ipfailover.adoc#nw-ipfailover-remove_configuring-ipfailover[Removing IP failover] +* xref:../../../networking/configuring_network_settings/configuring-ipfailover.adoc#nw-ipfailover-remove_configuring-ipfailover[Removing IP failover] * xref:../../../networking/networking_operators/metallb-operator/metallb-operator-install.adoc#nw-metallb-operator-deployment-specifications-for-metallb_metallb-operator-install[Deployment specifications for MetalLB] diff --git a/networking/networking_operators/metallb-operator/metallb-operator-install.adoc b/networking/networking_operators/metallb-operator/metallb-operator-install.adoc index b9d66092fd..4446b8f3f4 100644 --- a/networking/networking_operators/metallb-operator/metallb-operator-install.adoc +++ b/networking/networking_operators/metallb-operator/metallb-operator-install.adoc @@ -8,7 +8,7 @@ toc::[] As a cluster administrator, you can add the MetalLB Operator so that the Operator can manage the lifecycle for an instance of MetalLB on your cluster. -MetalLB and IP failover are incompatible. If you configured IP failover for your cluster, perform the steps to xref:../../../networking/configuring-ipfailover.adoc#nw-ipfailover-remove_configuring-ipfailover[remove IP failover] before you install the Operator. +MetalLB and IP failover are incompatible. If you configured IP failover for your cluster, perform the steps to xref:../../../networking/configuring_network_settings/configuring-ipfailover.adoc#nw-ipfailover-remove_configuring-ipfailover[remove IP failover] before you install the Operator. // Install the Operator with console include::modules/metallb-installing-using-web-console.adoc[leveloffset=+1] @@ -43,4 +43,4 @@ include::modules/nw-metallb-operator-setting-pod-CPU-limits.adoc[leveloffset=+2] [id="next-steps_{context}"] == Next steps -* xref:../../../networking/metallb/metallb-configure-address-pools.adoc#nw-metallb-configure-address-pool_configure-metallb-address-pools[Configuring MetalLB address pools] +* xref:../../../networking/ingress_load_balancing/metallb/metallb-configure-address-pools.adoc#nw-metallb-configure-address-pool_configure-metallb-address-pools[Configuring MetalLB address pools] diff --git a/networking/networking_overview/_attributes b/networking/networking_overview/_attributes new file mode 120000 index 0000000000..20cc1dcb77 --- /dev/null +++ b/networking/networking_overview/_attributes @@ -0,0 +1 @@ +../../_attributes/ \ No newline at end of file diff --git a/networking/about-managed-networking.adoc b/networking/networking_overview/about-managed-networking.adoc similarity index 79% rename from networking/about-managed-networking.adoc rename to networking/networking_overview/about-managed-networking.adoc index 44b2fc3bad..6838825cee 100644 --- a/networking/about-managed-networking.adoc +++ b/networking/networking_overview/about-managed-networking.adoc @@ -14,7 +14,7 @@ The following are some of the most commonly used {openshift-networking} features + * Primary cluster network provided by either of the following Container Network Interface (CNI) plugins: + -** xref:../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[OVN-Kubernetes network plugin], which is the default CNI plugin. +** xref:../../networking/ovn_kubernetes_network_provider/about-ovn-kubernetes.adoc#about-ovn-kubernetes[OVN-Kubernetes network plugin], which is the default CNI plugin. ** {OCP-short} SDN network plugin, which was deprecated in {OCP-short} 4.16 and removed in {OCP-short} 4.17. ifdef::openshift-rosa[] @@ -41,11 +41,11 @@ endif::openshift-dedicated[] * link:https://access.redhat.com/articles/7065170[{OCP-short} SDN CNI removal in OCP 4.17] ifdef::openshift-rosa[] -* xref:../networking/ovn_kubernetes_network_provider/migrate-from-openshift-sdn.adoc#migrate-from-openshift-sdn[Migrating from the OpenShift SDN network plugin to the OVN-Kubernetes network plugin] +* xref:../../networking/ovn_kubernetes_network_provider/migrate-from-openshift-sdn.adoc#migrate-from-openshift-sdn[Migrating from the OpenShift SDN network plugin to the OVN-Kubernetes network plugin] endif::openshift-rosa[] ifdef::openshift-dedicated[] -* xref:../networking/ovn_kubernetes_network_provider/migrate-from-openshift-sdn-osd.adoc#migrate-from-openshift-sdn-osd[Migrating from the OpenShift SDN network plugin to the OVN-Kubernetes network plugin] +* xref:../../networking/ovn_kubernetes_network_provider/migrate-from-openshift-sdn-osd.adoc#migrate-from-openshift-sdn-osd[Migrating from the OpenShift SDN network plugin to the OVN-Kubernetes network plugin] endif::openshift-dedicated[] diff --git a/networking/accessing-hosts.adoc b/networking/networking_overview/accessing-hosts.adoc similarity index 100% rename from networking/accessing-hosts.adoc rename to networking/networking_overview/accessing-hosts.adoc diff --git a/networking/cidr-range-definitions.adoc b/networking/networking_overview/cidr-range-definitions.adoc similarity index 90% rename from networking/cidr-range-definitions.adoc rename to networking/networking_overview/cidr-range-definitions.adoc index bfb7a01dc0..19c0fd57fe 100644 --- a/networking/cidr-range-definitions.adoc +++ b/networking/networking_overview/cidr-range-definitions.adoc @@ -49,7 +49,7 @@ ifndef::openshift-rosa,openshift-dedicated[] [role="_additional-resources"] .Additional resources -* For more information about configuring join subnets or transit subnets, see xref:../networking/ovn_kubernetes_network_provider/configure-ovn-kubernetes-subnets.adoc#configure-ovn-kubernetes-subnets[Configuring OVN-Kubernetes internal IP address subnets]. +* For more information about configuring join subnets or transit subnets, see xref:../../networking/ovn_kubernetes_network_provider/configure-ovn-kubernetes-subnets.adoc#configure-ovn-kubernetes-subnets[Configuring OVN-Kubernetes internal IP address subnets]. endif::[] [id="machine-cidr-description"] @@ -79,7 +79,7 @@ ifndef::openshift-rosa,openshift-dedicated[] [role="_additional-resources"] .Additional resources -* xref:../networking/networking_operators/cluster-network-operator.adoc#nw-operator-cr_cluster-network-operator[Cluster Network Operator configuration] +* xref:../../networking/networking_operators/cluster-network-operator.adoc#nw-operator-cr_cluster-network-operator[Cluster Network Operator configuration] endif::[] @@ -107,8 +107,8 @@ You can expand the range after cluster installation. [role="_additional-resources"] .Additional resources -* xref:../networking/networking_operators/cluster-network-operator.adoc#nw-operator-cr_cluster-network-operator[Cluster Network Operator configuration] -* xref:../networking/configuring-cluster-network-range.adoc#configuring-cluster-network-range[Configuring the cluster network range] +* xref:../../networking/networking_operators/cluster-network-operator.adoc#nw-operator-cr_cluster-network-operator[Cluster Network Operator configuration] +* xref:../../networking/configuring_network_settings/configuring-cluster-network-range.adoc#configuring-cluster-network-range[Configuring the cluster network range] endif::openshift-enterprise[] [id="host-prefix-description"] diff --git a/networking/networking_overview/images b/networking/networking_overview/images new file mode 120000 index 0000000000..847b03ed05 --- /dev/null +++ b/networking/networking_overview/images @@ -0,0 +1 @@ +../../images/ \ No newline at end of file diff --git a/networking/networking_overview/modules b/networking/networking_overview/modules new file mode 120000 index 0000000000..36719b9de7 --- /dev/null +++ b/networking/networking_overview/modules @@ -0,0 +1 @@ +../../modules/ \ No newline at end of file diff --git a/networking/networking-dashboards.adoc b/networking/networking_overview/networking-dashboards.adoc similarity index 90% rename from networking/networking-dashboards.adoc rename to networking/networking_overview/networking-dashboards.adoc index cbbd52f686..b39b4ee02e 100644 --- a/networking/networking-dashboards.adoc +++ b/networking/networking_overview/networking-dashboards.adoc @@ -10,7 +10,7 @@ Networking metrics are viewable in dashboards within the {product-title} web con [id="network-observability-operator-operator-dashboards"] == Network Observability Operator -If you have the Network Observability Operator installed, you can view network traffic metrics dashboards by selecting the *Netobserv* dashboard from the *Dashboards* drop-down list. For more information about metrics available in this *Dashboard*, see xref:../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-viewing-dashboards_metrics-dashboards-alerts[Network Observability metrics dashboards]. +If you have the Network Observability Operator installed, you can view network traffic metrics dashboards by selecting the *Netobserv* dashboard from the *Dashboards* drop-down list. For more information about metrics available in this *Dashboard*, see xref:../../observability/network_observability/metrics-alerts-dashboards.adoc#network-observability-viewing-dashboards_metrics-dashboards-alerts[Network Observability metrics dashboards]. [id="general-networking-ovnk-dashboards"] == Networking and OVN-Kubernetes dashboard diff --git a/networking/networking_overview/snippets b/networking/networking_overview/snippets new file mode 120000 index 0000000000..5a3f5add14 --- /dev/null +++ b/networking/networking_overview/snippets @@ -0,0 +1 @@ +../../snippets/ \ No newline at end of file diff --git a/networking/understanding-networking.adoc b/networking/networking_overview/understanding-networking.adoc similarity index 96% rename from networking/understanding-networking.adoc rename to networking/networking_overview/understanding-networking.adoc index 0fce56756b..ac9c7e0232 100644 --- a/networking/understanding-networking.adoc +++ b/networking/networking_overview/understanding-networking.adoc @@ -30,7 +30,7 @@ include::modules/nw-understanding-networking-concepts-components.adoc[leveloffse [role="_additional-resources"] .Additional resources -* xref:../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy] +* xref:../../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[About network policy] //Pod communication include::modules/nw-understanding-networking-how-pods-communicate.adoc[leveloffset=+1] diff --git a/networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc b/networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc index 212fb9a80d..92bb42dd7f 100644 --- a/networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc +++ b/networking/ovn_kubernetes_network_provider/configuring-egress-traffic-for-vrf-loadbalancer-services.adoc @@ -35,10 +35,10 @@ include::modules/nw-egress-service-ovn.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] +* xref:../../networking/ingress_load_balancing/metallb/metallb-configure-bgp-peers.adoc#nw-metallb-bgp-peer-vrf_configure-metallb-bgp-peers[Exposing a service through a network VRF] * xref:../../networking/k8s_nmstate/k8s-nmstate-updating-node-network-config.adoc#virt-example-host-vrf_k8s-nmstate-updating-node-network-config[Example: Network interface with a VRF instance node network configuration policy] -* xref:../../networking/metallb/metallb-configure-return-traffic.adoc#metallb-configure-return-traffic[Managing symmetric routing with MetalLB] +* xref:../../networking/ingress_load_balancing/metallb/metallb-configure-return-traffic.adoc#metallb-configure-return-traffic[Managing symmetric routing with MetalLB] * xref:../../networking/multiple_networks/about-virtual-routing-and-forwarding.adoc#cnf-about-virtual-routing-and-forwarding_about-virtual-routing-and-forwarding[About virtual routing and forwarding] diff --git a/networking/ovn_kubernetes_network_provider/ovn-kubernetes-troubleshooting-sources.adoc b/networking/ovn_kubernetes_network_provider/ovn-kubernetes-troubleshooting-sources.adoc index 1d2edc4f70..7a85f74b53 100644 --- a/networking/ovn_kubernetes_network_provider/ovn-kubernetes-troubleshooting-sources.adoc +++ b/networking/ovn_kubernetes_network_provider/ovn-kubernetes-troubleshooting-sources.adoc @@ -35,5 +35,5 @@ include::modules/observability-ovs-sampling-flags.adoc[leveloffset=+2] == Additional resources * xref:../../support/gathering-cluster-data.adoc#support_gathering_data_gathering-cluster-data[Gathering data about your cluster for Red Hat Support] -* xref:../../networking/verifying-connectivity-endpoint.adoc#nw-pod-network-connectivity-implementation_verifying-connectivity-endpoint[Implementation of connection health checks] -* xref:../../networking/verifying-connectivity-endpoint.adoc#nw-pod-network-connectivity-verify_verifying-connectivity-endpoint[Verifying network connectivity for an endpoint] +* xref:../../networking/advanced_networking/verifying-connectivity-endpoint.adoc#nw-pod-network-connectivity-implementation_verifying-connectivity-endpoint[Implementation of connection health checks] +* xref:../../networking/advanced_networking/verifying-connectivity-endpoint.adoc#nw-pod-network-connectivity-verify_verifying-connectivity-endpoint[Verifying network connectivity for an endpoint] diff --git a/nodes/containers/nodes-containers-sysctls.adoc b/nodes/containers/nodes-containers-sysctls.adoc index 7a6aa493ae..85914ff051 100644 --- a/nodes/containers/nodes-containers-sysctls.adoc +++ b/nodes/containers/nodes-containers-sysctls.adoc @@ -47,6 +47,6 @@ include::modules/nodes-containers-sysctls-unsafe.adoc[leveloffset=+1] [id="additional-resources_nodes-containers-sysctls"] == Additional resources -* xref:../../networking/configure-syscontrols-interface-tuning-cni.adoc#nw-configuring-tuning-cni_configure-syscontrols-interface-tuning-cni[Configuring system controls by using the tuning CNI] +* xref:../../networking/configuring_network_settings/configure-syscontrols-interface-tuning-cni.adoc#nw-configuring-tuning-cni_configure-syscontrols-interface-tuning-cni[Configuring system controls by using the tuning CNI] * xref:../../scalability_and_performance/using-node-tuning-operator.adoc#using-node-tuning-operator[Using the Node Tuning Operator] \ No newline at end of file diff --git a/operators/admin/olm-configuring-proxy-support.adoc b/operators/admin/olm-configuring-proxy-support.adoc index 5d020a222a..2a4850880f 100644 --- a/operators/admin/olm-configuring-proxy-support.adoc +++ b/operators/admin/olm-configuring-proxy-support.adoc @@ -13,15 +13,15 @@ If a global proxy is configured on the {product-title} cluster, Operator Lifecyc // Configuring the cluster-wide proxy is a different topic in OSD/ROSA. ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -* xref:../../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] +* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] ifdef::openshift-dedicated,openshift-rosa[] -* xref:../../networking/configuring-cluster-wide-proxy.adoc[Configuring a cluster-wide proxy] +* xref:../../networking/configuring-cluster-wide-proxy.adoc#configuring-cluster-wide-proxy[Configuring a cluster-wide proxy] endif::openshift-dedicated,openshift-rosa[] // This xref points to a topic that is not currently included in the OSD and ROSA docs. ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] -* xref:../../networking/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] (custom CA certificate) +* xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] (custom CA certificate) endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[] include::modules/olm-overriding-proxy-settings.adoc[leveloffset=+1] diff --git a/post_installation_configuration/configuring-private-cluster.adoc b/post_installation_configuration/configuring-private-cluster.adoc index fcb32dd627..c0bf806b05 100644 --- a/post_installation_configuration/configuring-private-cluster.adoc +++ b/post_installation_configuration/configuring-private-cluster.adoc @@ -18,7 +18,7 @@ include::modules/private-clusters-setting-api-private.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../networking/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] +* xref:../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/nw-configuring-ingress-controller-endpoint-publishing-strategy.adoc#nw-ingresscontroller-change-internal_nw-configuring-ingress-controller-endpoint-publishing-strategy[Configuring the Ingress Controller endpoint publishing scope to Internal] include::modules/registry-configuring-private-storage-endpoint-azure.adoc[leveloffset=+1] diff --git a/post_installation_configuration/post-install-network-configuration.adoc b/post_installation_configuration/post-install-network-configuration.adoc index 16e88393c5..0898b5af5d 100644 --- a/post_installation_configuration/post-install-network-configuration.adoc +++ b/post_installation_configuration/post-install-network-configuration.adoc @@ -17,9 +17,9 @@ For more information, see xref:../networking/networking_operators/cluster-networ [id="post-install-network-configuration-tasks"] == Network configuration tasks -* xref:../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] -* xref:../networking/configuring_ingress_cluster_traffic/overview-traffic.adoc#overview-traffic[Configuring ingress cluster traffic overview] -* xref:../networking/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] +* xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] +* xref:../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/overview-traffic.adoc#overview-traffic[Configuring ingress cluster traffic overview] +* xref:../networking/configuring_network_settings/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] * xref:../networking/network_security/configuring-ipsec-ovn.adoc#configuring-ipsec-ovn[Configuring IPsec encryption] * xref:../networking/network_security/network_policy/creating-network-policy.adoc#creating-network-policy[Create a network policy] or xref:../networking/network_security/network_policy/multitenant-network-policy.adoc#multitenant-network-policy[configure multitenant isolation with network policies] * xref:../scalability_and_performance/optimization/routing-optimization.adoc#routing-optimization[Optimizing routing] diff --git a/release_notes/ocp-4-19-release-notes.adoc b/release_notes/ocp-4-19-release-notes.adoc index 5a02fb290a..da8dc3a366 100644 --- a/release_notes/ocp-4-19-release-notes.adoc +++ b/release_notes/ocp-4-19-release-notes.adoc @@ -778,17 +778,17 @@ For more information, see (link:https://issues.redhat.com/browse/OCPBUGS-42671[O [id="ocp-4-19-networking-support-load-secrets_{context}"] ==== Creating a route with externally managed certificate (General Availability) -With this release, {product-title} routes can be configured with third-party certificate management solutions, utilizing the `.spec.tls.externalCertificate` field in the route API. This allows you to reference externally managed TLS certificates through secrets, streamlining the process by eliminating manual certificate management. By using externally managed certificates, you reduce errors, ensure a smoother certificate update process, and enable the OpenShift router to promptly serve renewed certificates. For more information, see xref:../networking/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate]. +With this release, {product-title} routes can be configured with third-party certificate management solutions, utilizing the `.spec.tls.externalCertificate` field in the route API. This allows you to reference externally managed TLS certificates through secrets, streamlining the process by eliminating manual certificate management. By using externally managed certificates, you reduce errors, ensure a smoother certificate update process, and enable the OpenShift router to promptly serve renewed certificates. For more information, see xref:../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate]. [id="ocp-4-19-networking-gateway-api-controller_{context}"] ==== Support for using Gateway API to configure cluster ingress traffic (General Availability) With this release, support for managing ingress cluster traffic using Gateway API resources is Generally Available. Gateway API provides a robust networking solution within the transport layer, L4, and the application layer, L7, for {product-title} clusters using a standardized open source ecosystem. -For more information, see xref:../networking/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#ingress-gateway-api[Gateway API with {product-title} networking]. +For more information, see xref:../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#ingress-gateway-api[Gateway API with {product-title} networking]. [IMPORTANT] ==== -Gateway API resources must conform to the supported {product-title} API surface. This means you cannot use another vendor-specific resource, such as Istio's VirtualService, with {product-title}'s implementation of Gateway API. For more information, see xref:../networking/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#nw-ingress-gateway-api-implementation[Gateway API implementation for {product-title}]. +Gateway API resources must conform to the supported {product-title} API surface. This means you cannot use another vendor-specific resource, such as Istio's VirtualService, with {product-title}'s implementation of Gateway API. For more information, see xref:../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#nw-ingress-gateway-api-implementation[Gateway API implementation for {product-title}]. ==== [id="ocp-4-19-networking-gateway-api-crd-lifecycle_{context}"] @@ -810,7 +810,7 @@ You can enable the Open vSwitch (OVS) `balance-slb` mode on infrastructure where ==== Allocate API and ingress load balancers to specific subnets With this release, you can now allocate load balancers to customize deployments when installing an {product-title} cluster on AWS. This feature ensures optimal traffic distribution, high application availability, uninterrupted service, and network segmentation. -For more information, see xref:../installing/installing_aws/installation-config-parameters-aws.adoc#installation-configuration-parameters-network_installation-config-parameters-aws[Installation configuration parameters on AWS] and xref:../networking/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc#allocating-load-balancers[Allocating load balancers to specific subnets]. +For more information, see xref:../installing/installing_aws/installation-config-parameters-aws.adoc#installation-configuration-parameters-network_installation-config-parameters-aws[Installation configuration parameters on AWS] and xref:../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/allocating-load-balancers.adoc#allocating-load-balancers[Allocating load balancers to specific subnets]. [id="ocp-4-19-networking-ptp-dual-oc_{context}"] ==== Dual-port NICs for improved redundancy in PTP ordinary clocks (Technology Preview) @@ -822,7 +822,7 @@ Available as a Technology Preview, in a dual-port NIC configuration for an ordin You can configure PTP ordinary clocks with added redundancy on `x86` architecture nodes with dual-port NICs only. ==== -For more information, see xref:../networking/ptp/about-ptp.adoc#ptp-dual-ports-oc_about-ptp[Using dual-port NICs to improve redundancy for PTP ordinary clocks]. +For more information, see xref:../networking/advanced_networking/ptp/about-ptp.adoc#ptp-dual-ports-oc_about-ptp[Using dual-port NICs to improve redundancy for PTP ordinary clocks]. [id="ocp-4-19-networking-conditional-webhook_{context}"] ==== Support for conditional webhook matching in the SR-IOV Network Operator @@ -870,7 +870,7 @@ With this release, the PTP events REST API v1 and events consumer application si You must use the O-RAN compliant PTP events REST API v2 instead. -For more information, see xref:../networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#ptp-cloud-events-consumer-dev-reference-v2[Developing PTP event consumer applications with the REST API v2]. +For more information, see xref:../networking/advanced_networking/ptp/ptp-cloud-events-consumer-dev-reference-v2.adoc#ptp-cloud-events-consumer-dev-reference-v2[Developing PTP event consumer applications with the REST API v2]. [id="ocp-4-19-sr-iov-arm_{context}"] ==== Deploying the SR-IOV Network Operator on a cluster that runs on ARM architecture diff --git a/scalability_and_performance/optimization/optimizing-networking.adoc b/scalability_and_performance/optimization/optimizing-networking.adoc index 9343c4475e..4d8a28b7f1 100644 --- a/scalability_and_performance/optimization/optimizing-networking.adoc +++ b/scalability_and_performance/optimization/optimizing-networking.adoc @@ -29,7 +29,7 @@ include::modules/optimizing-mtu-networking.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing cluster network MTU] +* xref:../../networking/advanced_networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing cluster network MTU] // Recommended practices for installing large scale clusters include::modules/recommended-install-practices.adoc[leveloffset=+1] diff --git a/scalability_and_performance/optimization/routing-optimization.adoc b/scalability_and_performance/optimization/routing-optimization.adoc index 13ab2c44fc..d460bca19e 100644 --- a/scalability_and_performance/optimization/routing-optimization.adoc +++ b/scalability_and_performance/optimization/routing-optimization.adoc @@ -10,7 +10,7 @@ The {product-title} HAProxy router can be scaled or configured to optimize perfo include::modules/baseline-router-performance.adoc[leveloffset=+1] -For more information on Ingress sharding, see xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding-route-labels_configuring-ingress-cluster-traffic-ingress-controller[Configuring Ingress Controller sharding by using route labels] and xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding-namespace-labels_configuring-ingress-cluster-traffic-ingress-controller[Configuring Ingress Controller sharding by using namespace labels]. +For more information on Ingress sharding, see xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding-route-labels_configuring-ingress-cluster-traffic-ingress-controller[Configuring Ingress Controller sharding by using route labels] and xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#nw-ingress-sharding-namespace-labels_configuring-ingress-cluster-traffic-ingress-controller[Configuring Ingress Controller sharding by using namespace labels]. You can modify the Ingress Controller deployment by using the information provided in xref:../../networking/networking_operators/ingress-operator.adoc#nw-ingress-setting-thread-count_configuring-ingress[Setting Ingress Controller thread count] for threads and xref:../../networking/networking_operators/ingress-operator.adoc#nw-ingress-controller-configuration-parameters_configuring-ingress[Ingress Controller configuration parameters] for timeouts, and other tuning configurations in the Ingress Controller specification. diff --git a/scalability_and_performance/telco-core-rds.adoc b/scalability_and_performance/telco-core-rds.adoc index 8ba6264ff6..7f4c89a37a 100644 --- a/scalability_and_performance/telco-core-rds.adoc +++ b/scalability_and_performance/telco-core-rds.adoc @@ -65,7 +65,7 @@ include::modules/telco-core-networking.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../networking/understanding-networking.adoc#understanding-networking[Understanding networking] +* xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[Understanding networking] include::modules/telco-core-cluster-network-operator.adoc[leveloffset=+3] diff --git a/scalability_and_performance/telco-hub-rds.adoc b/scalability_and_performance/telco-hub-rds.adoc index ea73842819..2e7b232092 100644 --- a/scalability_and_performance/telco-hub-rds.adoc +++ b/scalability_and_performance/telco-hub-rds.adoc @@ -60,9 +60,9 @@ include::modules/telco-hub-networking.adoc[leveloffset=+1] * xref:../disconnected/installing.adoc#installing-disconnected-environments[Installing a cluster in a disconnected environment] * xref:../disconnected/using-olm.adoc#olm-restricted-networks[Using Operator Lifecycle Manager on restricted networks] * xref:../edge_computing/ztp-preparing-the-hub-cluster.adoc#ztp-configuring-the-cluster-for-a-disconnected-environment_ztp-preparing-the-hub-cluster[Configuring the hub cluster to use a disconnected mirror registry] -* xref:../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] +* xref:../networking/networking_overview/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] * xref:../installing/overview/index.adoc#ocp-installation-overview[Installing {product-title}] -* xref:../networking/understanding-networking.adoc#understanding-networking[Networking in {product-title}] +* xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[Networking in {product-title}] * link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html-single/networking/index[Networking in {rh-rhacm}] * link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#mce-network-configuration[Network configuration in {rh-rhacm}] diff --git a/security/cert_manager_operator/cert-manager-securing-routes.adoc b/security/cert_manager_operator/cert-manager-securing-routes.adoc index 7a62de4375..b9665cf905 100644 --- a/security/cert_manager_operator/cert-manager-securing-routes.adoc +++ b/security/cert_manager_operator/cert-manager-securing-routes.adoc @@ -6,7 +6,7 @@ include::_attributes/common-attributes.adoc[] toc::[] -In the {product-title}, the route API is extended to provide a configurable option to reference TLS certificates via secrets. With xref:../../networking/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[externally managed certificates] enabled, you can minimize errors from manual intervention, streamline the certificate management process, and enable the {product-title} router to promptly serve the referenced certificate. +In the {product-title}, the route API is extended to provide a configurable option to reference TLS certificates via secrets. With xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[externally managed certificates] enabled, you can minimize errors from manual intervention, streamline the certificate management process, and enable the {product-title} router to promptly serve the referenced certificate. include::modules/cert-manager-configuring-routes.adoc[leveloffset=+1] @@ -14,6 +14,6 @@ include::modules/cert-manager-configuring-routes.adoc[leveloffset=+1] [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate] +* xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-route-secret-load-external-cert_secured-routes[Creating a route with externally managed certificate] * xref:../../security/cert_manager_operator/cert-manager-operator-issuer-acme.adoc#cert-manager-operator-issuer-acme[Configuring an ACME issuer] \ No newline at end of file diff --git a/security/certificate_types_descriptions/proxy-certificates.adoc b/security/certificate_types_descriptions/proxy-certificates.adoc index 50622d1076..84e89571e0 100644 --- a/security/certificate_types_descriptions/proxy-certificates.adoc +++ b/security/certificate_types_descriptions/proxy-certificates.adoc @@ -32,7 +32,7 @@ data: [role="_additional-resources"] === Additional resources -* xref:../../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] +* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy] == Managing proxy certificates during installation diff --git a/security/certificates/service-serving-certificate.adoc b/security/certificates/service-serving-certificate.adoc index 5f45ab2296..c8775cb82a 100644 --- a/security/certificates/service-serving-certificate.adoc +++ b/security/certificates/service-serving-certificate.adoc @@ -12,7 +12,7 @@ include::modules/customize-certificates-add-service-serving.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* You can use a service certificate to configure a secure route using reencrypt TLS termination. For more information, see xref:../../networking/routes/secured-routes.adoc#nw-ingress-creating-a-reencrypt-route-with-a-custom-certificate_secured-routes[Creating a re-encrypt route with a custom certificate]. +* You can use a service certificate to configure a secure route using reencrypt TLS termination. For more information, see xref:../../networking/ingress_load_balancing/routes/secured-routes.adoc#nw-ingress-creating-a-reencrypt-route-with-a-custom-certificate_secured-routes[Creating a re-encrypt route with a custom certificate]. include::modules/customize-certificates-add-service-serving-configmap.adoc[leveloffset=+1] diff --git a/security/certificates/updating-ca-bundle.adoc b/security/certificates/updating-ca-bundle.adoc index 96ad6e686a..25e1c4502f 100644 --- a/security/certificates/updating-ca-bundle.adoc +++ b/security/certificates/updating-ca-bundle.adoc @@ -16,5 +16,5 @@ include::modules/ca-bundle-replacing.adoc[leveloffset=+1] == Additional resources * xref:../../security/certificates/replacing-default-ingress-certificate.adoc#replacing-default-ingress_replacing-default-ingress[Replacing the default ingress certificate] -* xref:../../networking/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Enabling the cluster-wide proxy] +* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#nw-proxy-configure-object_config-cluster-wide-proxy[Enabling the cluster-wide proxy] * xref:../../security/certificate_types_descriptions/proxy-certificates.adoc#customization[Proxy certificate customization] diff --git a/security/container_security/security-network.adoc b/security/container_security/security-network.adoc index 294c386155..e1ffbe30c3 100644 --- a/security/container_security/security-network.adoc +++ b/security/container_security/security-network.adoc @@ -38,7 +38,7 @@ include::modules/security-network-ingress.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#configuring-ingress-cluster-traffic-ingress-controller[Configuring ingress cluster traffic] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-ingress-controller.adoc#configuring-ingress-cluster-traffic-ingress-controller[Configuring ingress cluster traffic] // Egress traffic include::modules/security-network-egress.adoc[leveloffset=+1] diff --git a/serverless/install/install-serverless-operator.adoc b/serverless/install/install-serverless-operator.adoc index 4e7802f325..461558b42b 100644 --- a/serverless/install/install-serverless-operator.adoc +++ b/serverless/install/install-serverless-operator.adoc @@ -41,7 +41,7 @@ ifdef::openshift-enterprise[] == Additional resources * xref:../../operators/understanding/crds/crd-managing-resources-from-crds.adoc[Managing resources from custom resource definitions] * xref:../../storage/understanding-persistent-storage.adoc#understanding-persistent-storage[Understanding persistent storage] -* xref:../../networking/configuring-a-custom-pki.adoc[Configuring a custom PKI] +* xref:../../networking/configuring_network_settings/configuring-a-custom-pki.adoc#configuring-a-custom-pki[Configuring a custom PKI] endif::[] [id="next-steps_install-serverless-operator"] diff --git a/serverless/knative-serving/external-ingress-routing/routing-overview.adoc b/serverless/knative-serving/external-ingress-routing/routing-overview.adoc index 53780ec394..2fc7e6f4f0 100644 --- a/serverless/knative-serving/external-ingress-routing/routing-overview.adoc +++ b/serverless/knative-serving/external-ingress-routing/routing-overview.adoc @@ -15,5 +15,5 @@ ifdef::openshift-enterprise[] [id="additional-resources_serverless-configuring-routes"] [role="_additional-resources"] == Additional resources -* xref:../../../networking/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations] +* xref:../../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations] endif::[] diff --git a/service_mesh/v2x/ossm-route-migration.adoc b/service_mesh/v2x/ossm-route-migration.adoc index 1f8657937f..1889def677 100644 --- a/service_mesh/v2x/ossm-route-migration.adoc +++ b/service_mesh/v2x/ossm-route-migration.adoc @@ -14,5 +14,5 @@ include::modules/ossm-migrating-from-ior-to-explicitly-managed-routes.adoc[level [id="additional-resources_{context}"] == Additional resources -* xref:../../networking/routes/route-configuration.adoc#nw-creating-a-route_route-configuration[Creating an HTTP-based Route] +* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-creating-a-route_route-configuration[Creating an HTTP-based Route] * xref:../../service_mesh/v2x/ossm-traffic-manage.adoc#ossm-auto-route_traffic-management[Understanding automatic routes] diff --git a/service_mesh/v2x/ossm-traffic-manage.adoc b/service_mesh/v2x/ossm-traffic-manage.adoc index e1a2c4cf32..8c375a9c29 100644 --- a/service_mesh/v2x/ossm-traffic-manage.adoc +++ b/service_mesh/v2x/ossm-traffic-manage.adoc @@ -24,7 +24,7 @@ ifdef::openshift-enterprise[] [role="_additional-resources"] .Additional resources -* xref:../../networking/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] +* xref:../../networking/configuring_network_settings/configuring-node-port-service-range.adoc#configuring-node-port-service-range[Configuring the node port service range] endif::[] include::modules/ossm-routing-gateways.adoc[leveloffset=+2] @@ -57,7 +57,7 @@ include::modules/ossm-auto-route-annotations.adoc[leveloffset=+2] ifdef::openshift-enterprise[] .Additional resources -* xref:../../networking/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. +* xref:../../networking/ingress_load_balancing/routes/route-configuration.adoc#nw-route-specific-annotations_route-configuration[Route-specific annotations]. endif::[] include::modules/ossm-auto-route-enable.adoc[leveloffset=+2] diff --git a/support/troubleshooting/rosa-troubleshooting-deployments.adoc b/support/troubleshooting/rosa-troubleshooting-deployments.adoc index 74f149380a..8582db057a 100644 --- a/support/troubleshooting/rosa-troubleshooting-deployments.adoc +++ b/support/troubleshooting/rosa-troubleshooting-deployments.adoc @@ -33,7 +33,7 @@ include::modules/rosa-troubleshooting-invalidinstallconfigsubnet-failure-deploym ifndef::openshift-rosa-hcp[] [role="_additional-resources"] .Additional resources -* xref:../../networking/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] +* xref:../../networking/networking_overview/cidr-range-definitions.adoc#cidr-range-definitions[CIDR range definitions] endif::openshift-rosa-hcp[] include::modules/rosa-troubleshooting-awsinsufficientpermission-failure-deployment.adoc[leveloffset=+1] diff --git a/updating/preparing_for_updates/updating-cluster-prepare.adoc b/updating/preparing_for_updates/updating-cluster-prepare.adoc index d6a3be73ce..c7179ce6d7 100644 --- a/updating/preparing_for_updates/updating-cluster-prepare.adoc +++ b/updating/preparing_for_updates/updating-cluster-prepare.adoc @@ -69,7 +69,7 @@ include::modules/nw-ingress-gateway-api-manage-succession.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../networking/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#nw-ingress-gateway-api-implementation[Gateway API implementation for {product-title}] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/ingress-gateway-api.adoc#nw-ingress-gateway-api-implementation[Gateway API implementation for {product-title}] // Best practices for cluster updates include::modules/update-best-practices.adoc[leveloffset=+1] diff --git a/virt/vm_networking/virt-accessing-vm-secondary-network-fqdn.adoc b/virt/vm_networking/virt-accessing-vm-secondary-network-fqdn.adoc index 1ac19567d8..44099c7c07 100644 --- a/virt/vm_networking/virt-accessing-vm-secondary-network-fqdn.adoc +++ b/virt/vm_networking/virt-accessing-vm-secondary-network-fqdn.adoc @@ -20,7 +20,7 @@ include::modules/virt-connecting-vm-secondarynw-using-fqdn.adoc[leveloffset=+1] == Additional resources // Hiding until OSDOCS-3691 is merged ifndef::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Configuring ingress cluster traffic using a load balancer] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Configuring ingress cluster traffic using a load balancer] * xref:../../networking/networking_operators/metallb-operator/about-metallb.adoc#about-metallb_about-metallb[About MetalLB and the MetalLB Operator] endif::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] * xref:../../virt/vm_networking/virt-configuring-viewing-ips-for-vms.adoc#configuring-ips_virt-configuring-viewing-ips-for-vms[Configuring IP addresses for virtual machines] diff --git a/virt/vm_networking/virt-connecting-vm-to-default-pod-network.adoc b/virt/vm_networking/virt-connecting-vm-to-default-pod-network.adoc index 3f8da3c661..692a459b15 100644 --- a/virt/vm_networking/virt-connecting-vm-to-default-pod-network.adoc +++ b/virt/vm_networking/virt-connecting-vm-to-default-pod-network.adoc @@ -25,6 +25,6 @@ ifndef::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] [role="_additional-resources"] [id="additional-resources_virt-connecting-vm-to-default-pod-network"] == Additional resources -* xref:../../networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] +* xref:../../networking/advanced_networking/changing-cluster-network-mtu.adoc#changing-cluster-network-mtu[Changing the MTU for the cluster network] * xref:../../scalability_and_performance/optimization/optimizing-networking.adoc#optimizing-mtu_optimizing-networking[Optimizing the MTU for your network] endif::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] \ No newline at end of file diff --git a/virt/vm_networking/virt-exposing-vm-with-service.adoc b/virt/vm_networking/virt-exposing-vm-with-service.adoc index 33bd14ab75..8a51a91d8c 100644 --- a/virt/vm_networking/virt-exposing-vm-with-service.adoc +++ b/virt/vm_networking/virt-exposing-vm-with-service.adoc @@ -15,7 +15,7 @@ ifndef::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] [role="_additional-resources"] .Additional resources * xref:../../networking/networking_operators/metallb-operator/metallb-operator-install.adoc#metallb-operator-install_metallb-operator-install[Installing the MetalLB Operator] -* xref:../../networking/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] +* xref:../../networking/ingress_load_balancing/metallb/metallb-configure-services.adoc#metallb-configure-services[Configuring services to use MetalLB] endif::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] include::modules/virt-dual-stack-support-services.adoc[leveloffset=+1] @@ -26,6 +26,6 @@ ifndef::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] [role="_additional-resources"] [id="additional-resources_creating-service-vm"] == Additional resources -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configuring ingress cluster traffic using a NodePort] -* xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Configuring ingress cluster traffic using a load balancer] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-nodeport.adoc#configuring-ingress-cluster-traffic-nodeport[Configuring ingress cluster traffic using a NodePort] +* xref:../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.adoc#configuring-ingress-cluster-traffic-load-balancer[Configuring ingress cluster traffic using a load balancer] endif::openshift-rosa,openshift-dedicated,openshift-rosa-hcp[] diff --git a/welcome/learn_more_about_openshift.adoc b/welcome/learn_more_about_openshift.adoc index ed4582f1a4..3f57754e84 100644 --- a/welcome/learn_more_about_openshift.adoc +++ b/welcome/learn_more_about_openshift.adoc @@ -42,7 +42,7 @@ Use the following sections to find content to help you learn about and better un | xref:../architecture/architecture.adoc#architecture[Architecture] | xref:../security/container_security/security-understanding.adoc#understanding-security[Security and compliance] -| xref:../networking/understanding-networking.adoc#understanding-networking[Networking] +| xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[Networking] | xref:../networking/ovn_kubernetes_network_provider/ovn-kubernetes-architecture-assembly.adoc#ovn-kubernetes-architecture-con[OVN-Kubernetes architecture] | xref:../backup_and_restore/index.adoc#backup-restore-overview[Backup and restore] @@ -162,7 +162,7 @@ a|* xref:../machine_management/index.adoc#machine-api-overview_overview-of-machi | Manage xref:../security/certificates/replacing-default-ingress-certificate.adoc#replacing-default-ingress[Ingress], xref:../security/certificates/api-server.adoc#api-server-certificates[API server], and xref:../security/certificates/service-serving-certificate.adoc#add-service-serving[Service] certificates | xref:../networking/network_security/network-policy-apis.adoc#network-policy-apis[Network security] -| xref:../networking/understanding-networking.adoc#understanding-networking[Manage networking] +| xref:../networking/networking_overview/understanding-networking.adoc#understanding-networking[Manage networking] a|* xref:../networking/networking_operators/cluster-network-operator.adoc#nw-cluster-network-operator_cluster-network-operator[Cluster Network Operator] * xref:../networking/multiple_networks/understanding-multiple-networks.adoc#understanding-multiple-networks[Multiple network interfaces] * xref:../networking/network_security/network_policy/about-network-policy.adoc#about-network-policy[Network policy] diff --git a/windows_containers/enabling-windows-container-workloads.adoc b/windows_containers/enabling-windows-container-workloads.adoc index 535d60bcd7..91397a7803 100644 --- a/windows_containers/enabling-windows-container-workloads.adoc +++ b/windows_containers/enabling-windows-container-workloads.adoc @@ -57,7 +57,7 @@ include::modules/wmco-cluster-wide-proxy.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../networking/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy]. +* xref:../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy]. include::modules/wmco-disconnected-cluster.adoc[leveloffset=+1]