openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

VPC shared update

Browse Source
This commit is contained in:
mletalie
2023-11-09 14:12:20 -05:00
committed by openshift-cherrypick-robot
parent 2fb27cb807
commit 52adfe0041
2 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/deleting-cluster.adoc
View File

@@ -22,5 +22,5 @@ You can delete your {product-title} cluster in {cluster-manager-first}.
+
[NOTE]
====
If you delete a cluster that was installed into a GCP shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
If you delete a cluster that was installed into a GCP Shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
====

16
modules/osd-create-cluster-ccs.adoc
View File

@@ -216,22 +216,22 @@ endif::osd-on-gcp[]
. Click *Next*.
ifdef::osd-on-gcp[]
. Optional: To install the cluster into a GCP shared VPC:
. Optional: To install the cluster into a GCP Shared VPC:
+
[IMPORTANT]
====
To install a cluster into a shared VPC, you must use {product-title} version 4.13.15 or above. Additionally, the shared VPC administrator must enable a project as a host project in their Google Cloud console. For more information, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#set-up-shared-vpc[Enable a host project].
To install a cluster into a Shared VPC, you must use {product-title} version 4.13.15 or above. Additionally, the Shared VPC Admin must enable a project as a host project in their Google Cloud console. For more information, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#set-up-shared-vpc[Enable a host project].
====
.. Select *Install into GCP shared VPC*.
.. Specify the **Host project ID**. If the specified host project ID is incorrect, cluster creation fails.
.. Select *Install into GCP Shared VPC*.
.. Specify the *Host project ID*. If the specified host project ID is incorrect, cluster creation fails.
+
[IMPORTANT]
====
Once you complete the steps within the cluster configuration wizard and click **Create Cluster**, the cluster will go into the "Installation Waiting" state. At this point, you must contact the Shared VPC Admin of the host project, who must assign the dynamically-generated service account the following roles: **Computer Network Administrator**, **Compute Security Administrator**, and **DNS Administrator**.
Once you complete the steps within the cluster configuration wizard and click *Create Cluster*, the cluster will go into the "Installation Waiting" state. At this point, you must contact the Shared VPC Admin of the host project, who must assign the dynamically-generated service account the following roles: *Computer Network Administrator*, *Compute Security Administrator*, and *DNS Administrator*.
The Shared VPC Admin of the host project has 30 days to grant the listed permissions before the cluster creation fails.
For information about GCP shared VPC permissions, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#migs-service-accounts[Provision Shared VPC].
For information about Shared VPC permissions, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#migs-service-accounts[Provision Shared VPC].
====
endif::osd-on-gcp[]
+
@@ -255,7 +255,7 @@ ifdef::osd-on-gcp[]
+
[NOTE]
====
If you are installing a cluster into a GCP shared VPC, the VPC name and subnets are shared from the host project.
If you are installing a cluster into a Shared VPC, the VPC name and subnets are shared from the host project.
====
endif::osd-on-gcp[]
. If you opted to configure a cluster-wide proxy, provide your proxy configuration details on the *Cluster-wide proxy* page:
@@ -318,7 +318,7 @@ In the event of critical security concerns that significantly impact the securit
ifdef::osd-on-gcp[]
[NOTE]
====
If you delete a cluster that was installed into a GCP shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
If you delete a cluster that was installed into a GCP Shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
====
endif::osd-on-gcp[]