From 63049049e00e03d7f23de7e69bb6c261ae557be3 Mon Sep 17 00:00:00 2001 From: Ben Scott Date: Wed, 10 Apr 2024 14:12:55 -0400 Subject: [PATCH] OSDOCS#10082 Reworking AWS topic map/TOC --- _topic_maps/_topic_map.yml | 72 ++++++++------- _unused_topics/manually-creating-iam.adoc | 43 --------- .../cco-mode-manual.adoc | 2 +- .../cco-mode-passthrough.adoc | 8 +- .../cco-short-term-creds.adoc | 4 +- contributing_to_docs/doc_guidelines.adoc | 2 +- installing/cluster-capabilities.adoc | 2 +- ...talling-mirroring-installation-images.adoc | 2 +- installing/installing-fips.adoc | 2 +- installing/installing-preparing.adoc | 74 ++++++++-------- .../installing-aws-account.adoc | 10 +-- .../installing-aws-three-node.adoc | 4 +- installing/installing_aws/ipi/_attributes | 1 + installing/installing_aws/ipi/images | 1 + .../{ => ipi}/installing-aws-china.adoc | 32 +++---- .../installing-aws-customizations.adoc | 32 +++---- .../{ => ipi}/installing-aws-default.adoc | 20 ++--- .../installing-aws-government-region.adoc | 32 +++---- .../{ => ipi}/installing-aws-localzone.adoc | 69 +++++++++++---- ...installing-aws-network-customizations.adoc | 36 ++++---- .../{ => ipi}/installing-aws-outposts.adoc | 4 +- .../{ => ipi}/installing-aws-private.adoc | 32 +++---- .../installing-aws-secret-region.adoc | 30 +++---- .../{ => ipi}/installing-aws-vpc.adoc | 34 +++---- .../installing-aws-wavelength-zone.adoc | 82 ++++++++++++----- ...ed-networks-aws-installer-provisioned.adoc | 38 ++++---- installing/installing_aws/ipi/modules | 1 + installing/installing_aws/ipi/snippets | 1 + installing/installing_aws/modules | 2 +- .../preparing-to-install-on-aws.adoc | 22 ++--- installing/installing_aws/upi/_attributes | 1 + installing/installing_aws/upi/images | 1 + .../{ => upi}/installing-aws-user-infra.adoc | 32 +++---- .../installing-restricted-networks-aws.adoc | 44 +++++----- installing/installing_aws/upi/modules | 1 + installing/installing_aws/upi/snippets | 1 + .../install-sno-installing-sno.adoc | 2 +- installing/installing_vsphere/ipi/images | 2 +- .../adding-aws-compute-user-infra.adoc | 4 +- modules/aws-zones-prerequisites.adoc | 88 ------------------- ...allation-aws-arm-tested-machine-types.adoc | 4 +- .../installing-albo-sts-cluster.adoc | 6 +- ...nfiguring-ingress-cluster-traffic-aws.adoc | 4 +- .../configuring-hybrid-networking.adoc | 2 +- nodes/pods/nodes-pods-secrets-store.adoc | 4 +- .../distr-tracing-jaeger-installing.adoc | 2 +- .../aws-compute-edge-zone-tasks.adoc | 8 +- .../cluster-tasks.adoc | 2 +- .../configuring-aws-outposts.adoc | 4 +- ...creating-multi-arch-compute-nodes-aws.adoc | 4 +- .../optimization/optimizing-networking.adoc | 2 +- .../cert-manager-authenticate.adoc | 2 +- .../security-hardening.adoc | 2 +- .../v1x/preparing-ossm-installation.adoc | 4 +- .../v2x/preparing-ossm-installation.adoc | 4 +- .../persistent-storage-csi-aws-efs.adoc | 2 +- .../persistent-storage-csi-ebs.adoc | 2 +- .../preparing-manual-creds-update.adoc | 2 +- welcome/index.adoc | 8 +- 59 files changed, 449 insertions(+), 489 deletions(-) delete mode 100644 _unused_topics/manually-creating-iam.adoc create mode 120000 installing/installing_aws/ipi/_attributes create mode 120000 installing/installing_aws/ipi/images rename installing/installing_aws/{ => ipi}/installing-aws-china.adoc (64%) rename installing/installing_aws/{ => ipi}/installing-aws-customizations.adoc (64%) rename installing/installing_aws/{ => ipi}/installing-aws-default.adoc (52%) rename installing/installing_aws/{ => ipi}/installing-aws-government-region.adoc (64%) rename installing/installing_aws/{ => ipi}/installing-aws-localzone.adoc (62%) rename installing/installing_aws/{ => ipi}/installing-aws-network-customizations.adoc (62%) rename installing/installing_aws/{ => ipi}/installing-aws-outposts.adoc (52%) rename installing/installing_aws/{ => ipi}/installing-aws-private.adoc (64%) rename installing/installing_aws/{ => ipi}/installing-aws-secret-region.adoc (67%) rename installing/installing_aws/{ => ipi}/installing-aws-vpc.adoc (64%) rename installing/installing_aws/{ => ipi}/installing-aws-wavelength-zone.adoc (60%) rename installing/installing_aws/{ => ipi}/installing-restricted-networks-aws-installer-provisioned.adoc (61%) create mode 120000 installing/installing_aws/ipi/modules create mode 120000 installing/installing_aws/ipi/snippets create mode 120000 installing/installing_aws/upi/_attributes create mode 120000 installing/installing_aws/upi/images rename installing/installing_aws/{ => upi}/installing-aws-user-infra.adoc (75%) rename installing/installing_aws/{ => upi}/installing-restricted-networks-aws.adoc (66%) create mode 120000 installing/installing_aws/upi/modules create mode 120000 installing/installing_aws/upi/snippets delete mode 100644 modules/aws-zones-prerequisites.adoc diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index 6f5b184f38..9aad93a35f 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -155,43 +155,51 @@ Topics: Dir: installing_aws Distros: openshift-origin,openshift-enterprise Topics: - - Name: Preparing to install on AWS + - Name: Preparing to install File: preparing-to-install-on-aws - Name: Configuring an AWS account File: installing-aws-account - - Name: Installing a cluster quickly on AWS - File: installing-aws-default - - Name: Installing a cluster on AWS with customizations - File: installing-aws-customizations - - Name: Installing a cluster on AWS with network customizations - File: installing-aws-network-customizations - - Name: Installing a cluster on AWS in a restricted network - File: installing-restricted-networks-aws-installer-provisioned - - Name: Installing a cluster on AWS into an existing VPC - File: installing-aws-vpc - - Name: Installing a private cluster on AWS - File: installing-aws-private - - Name: Installing a cluster on AWS into a government region - File: installing-aws-government-region - - Name: Installing a cluster on AWS into a Secret or Top Secret Region - File: installing-aws-secret-region - - Name: Installing a cluster on AWS into a China region - File: installing-aws-china - - Name: Installing a cluster on AWS using CloudFormation templates - File: installing-aws-user-infra - - Name: Installing a cluster on AWS in a restricted network with user-provisioned infrastructure - File: installing-restricted-networks-aws - - Name: Installing a cluster on AWS with compute nodes on AWS Local Zones - File: installing-aws-localzone - - Name: Installing a cluster on AWS with compute nodes on AWS Wavelength Zones - File: installing-aws-wavelength-zone - - Name: Installing a cluster on AWS with compute nodes on AWS Outposts - File: installing-aws-outposts - - Name: Installing a three-node cluster on AWS + - Name: Installer-provisioned infrastructure + Dir: ipi + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Installing a cluster + File: installing-aws-default + - Name: Installing a cluster with customizations + File: installing-aws-customizations + - Name: Installing a cluster with network customizations + File: installing-aws-network-customizations + - Name: Installing a cluster in a restricted network + File: installing-restricted-networks-aws-installer-provisioned + - Name: Installing a cluster into an existing VPC + File: installing-aws-vpc + - Name: Installing a private cluster + File: installing-aws-private + - Name: Installing a cluster into a government region + File: installing-aws-government-region + - Name: Installing a cluster into a Secret or Top Secret Region + File: installing-aws-secret-region + - Name: Installing a cluster into a China region + File: installing-aws-china + - Name: Installing a cluster with compute nodes on Local Zones + File: installing-aws-localzone + - Name: Installing a cluster with compute nodes on Wavelength Zones + File: installing-aws-wavelength-zone + - Name: Installing a cluster with compute nodes on Outposts + File: installing-aws-outposts + - Name: User-provisioned infrastructure + Dir: upi + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Installing a cluster using CloudFormation templates + File: installing-aws-user-infra + - Name: Installing a cluster in a restricted network with user-provisioned infrastructure + File: installing-restricted-networks-aws + - Name: Installing a three-node cluster File: installing-aws-three-node - - Name: Uninstalling a cluster on AWS + - Name: Uninstalling a cluster File: uninstalling-cluster-aws - - Name: Installation configuration parameters for AWS + - Name: Installation configuration parameters File: installation-config-parameters-aws - Name: Installing on Azure Dir: installing_azure diff --git a/_unused_topics/manually-creating-iam.adoc b/_unused_topics/manually-creating-iam.adoc deleted file mode 100644 index 03690cb021..0000000000 --- a/_unused_topics/manually-creating-iam.adoc +++ /dev/null @@ -1,43 +0,0 @@ -:_mod-docs-content-type: ASSEMBLY -[id="manually-creating-iam-aws"] -= Manually creating IAM for AWS -include::_attributes/common-attributes.adoc[] -:context: manually-creating-iam-aws - -//TO-DO: this should be one file for AWS, Azure, and GCP with conditions for specifics. - -toc::[] - -In environments where the cloud identity and access management (IAM) APIs are not reachable, or the administrator prefers not to store an administrator-level credential secret in the cluster `kube-system` namespace, you can put the Cloud Credential Operator (CCO) into manual mode before you install the cluster. - -include::modules/alternatives-to-storing-admin-secrets-in-kube-system.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -// AWS only. Condition out if combining topic for AWS/Azure/GCP. -* To learn how to use the CCO utility (`ccoctl`) to configure the CCO to use the AWS STS, see xref:../../authentication/managing_cloud_provider_credentials/cco-mode-sts.adoc#cco-mode-sts[Using manual mode with STS]. - -// Not supported in Azure. Condition out if combining topic for AWS/Azure/GCP. -* To learn how to rotate or remove the administrator-level credential secret after installing {product-title}, see xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-rotate-remove-cloud-creds[Rotating or removing cloud provider credentials]. - -* For a detailed description of all available CCO credential modes and their supported platforms, see xref:../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator[About the Cloud Credential Operator]. - -include::modules/manually-create-identity-access-management.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources -* xref:../../updating/preparing_for_updates/preparing-manual-creds-update.adoc#preparing-manual-creds-update[Preparing to update a cluster with manually maintained credentials] - -include::modules/mint-mode.adoc[leveloffset=+1] - -include::modules/mint-mode-with-removal-of-admin-credential.adoc[leveloffset=+1] - -[id="manually-creating-iam-aws-next-steps"] -== Next steps - -* Install an {product-title} cluster: -** xref:../../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[Installing a cluster quickly on AWS] with default options on installer-provisioned infrastructure -** xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] diff --git a/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc b/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc index 20e42f1236..0956fb09ae 100644 --- a/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc @@ -27,7 +27,7 @@ An AWS, global Azure, or GCP cluster that uses manual mode might be configured t == Additional resources * xref:../../installing/installing_alibaba/manually-creating-alibaba-ram.adoc#manually-creating-alibaba-ram[Manually creating RAM resources for Alibaba Cloud] -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] * xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] * xref:../../installing/installing_ibm_cloud_public/configuring-iam-ibm-cloud.adoc#configuring-iam-ibm-cloud[Configuring IAM for {ibm-cloud-name}] diff --git a/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc b/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc index c8302db17a..c952edc92b 100644 --- a/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc @@ -23,7 +23,7 @@ When using the CCO in passthrough mode, ensure that the credential you provide m === Amazon Web Services (AWS) permissions The credential you provide for passthrough mode in AWS must have all the requested permissions for all `CredentialsRequest` CRs that are required by the version of {product-title} you are running or installing. -To locate the `CredentialsRequest` CRs that are required, see xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS]. +To locate the `CredentialsRequest` CRs that are required, see xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS]. [id="passthrough-mode-permissions-azure"] === Microsoft Azure permissions @@ -81,7 +81,7 @@ include::modules/admin-credentials-root-secret-formats.adoc[leveloffset=+1] [id="passthrough-mode-maintenance"] == Passthrough mode credential maintenance -If `CredentialsRequest` CRs change over time as the cluster is upgraded, you must manually update the passthrough mode credential to meet the requirements. To avoid credentials issues during an upgrade, check the `CredentialsRequest` CRs in the release image for the new version of {product-title} before upgrading. To locate the `CredentialsRequest` CRs that are required for your cloud provider, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. +If `CredentialsRequest` CRs change over time as the cluster is upgraded, you must manually update the passthrough mode credential to meet the requirements. To avoid credentials issues during an upgrade, check the `CredentialsRequest` CRs in the release image for the new version of {product-title} before upgrading. To locate the `CredentialsRequest` CRs that are required for your cloud provider, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. //Rotating cloud provider credentials manually include::modules/manually-rotating-cloud-creds.adoc[leveloffset=+2] @@ -96,11 +96,11 @@ When using passthrough mode, each component has the same permissions used by all After installation, you can reduce the permissions on your credential to only those that are required to run the cluster, as defined by the `CredentialsRequest` CRs in the release image for the version of {product-title} that you are using. -To locate the `CredentialsRequest` CRs that are required for AWS, Azure, or GCP and learn how to change the permissions the CCO uses, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. +To locate the `CredentialsRequest` CRs that are required for AWS, Azure, or GCP and learn how to change the permissions the CCO uses, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. [role="_additional-resources"] == Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] * xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] diff --git a/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc b/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc index 701dab1f6e..a7b70fde40 100644 --- a/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc @@ -39,7 +39,7 @@ In manual mode with STS, the individual {product-title} cluster components use t [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials] //AWS Security Token Service authentication process include::modules/cco-short-term-creds-auth-flow-aws.adoc[leveloffset=+2] @@ -104,7 +104,7 @@ include::modules/cco-short-term-creds-azure-olm.adoc[leveloffset=+2] [id="additional-resources_{context}"] == Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-with-short-term-creds_installing-gcp-customizations[Configuring a GCP cluster to use short-term credentials] * xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring a global Microsoft Azure cluster to use short-term credentials] * xref:../../updating/preparing_for_updates/preparing-manual-creds-update.adoc#preparing-manual-creds-update[Preparing to update a cluster with manually maintained credentials] \ No newline at end of file diff --git a/contributing_to_docs/doc_guidelines.adoc b/contributing_to_docs/doc_guidelines.adoc index 818198460a..eb34b337e0 100644 --- a/contributing_to_docs/doc_guidelines.adoc +++ b/contributing_to_docs/doc_guidelines.adoc @@ -119,7 +119,7 @@ Example: ---- // Text snippet included in the following assemblies: // -// * installing/installing_aws/installing-aws-default.adoc +// * installing/installing_aws/ipi/installing-aws-default.adoc // * installing/installing_azure/installing-azure-default.adoc // * installing/installing_gcp/installing-gcp-default.adoc diff --git a/installing/cluster-capabilities.adoc b/installing/cluster-capabilities.adoc index dbe202d21a..3fdd4f32db 100644 --- a/installing/cluster-capabilities.adoc +++ b/installing/cluster-capabilities.adoc @@ -19,7 +19,7 @@ include::snippets/capabilities-table.adoc[] [role="_additional-resources"] .Additional resources -* xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] +* xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] * xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[Installing a cluster on GCP with customizations] include::modules/explanation-of-capabilities.adoc[leveloffset=+1] diff --git a/installing/disconnected_install/installing-mirroring-installation-images.adoc b/installing/disconnected_install/installing-mirroring-installation-images.adoc index 2b71663e99..017a4fb76d 100644 --- a/installing/disconnected_install/installing-mirroring-installation-images.adoc +++ b/installing/disconnected_install/installing-mirroring-installation-images.adoc @@ -145,7 +145,7 @@ include::modules/olm-mirroring-catalog-post.adoc[leveloffset=+2] * Install a cluster on infrastructure that you provision in your restricted network, such as on xref:../../installing/installing_vsphere/upi/installing-restricted-networks-vsphere.adoc#installing-restricted-networks-vsphere[VMware vSphere], -xref:../../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal], or xref:../../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[Amazon Web Services]. +xref:../../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal], or xref:../../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[Amazon Web Services]. [role="_additional-resources"] [id="restricted-networks-additional-resources"] diff --git a/installing/installing-fips.adoc b/installing/installing-fips.adoc index fa157590e8..c5ced1c8b3 100644 --- a/installing/installing-fips.adoc +++ b/installing/installing-fips.adoc @@ -86,7 +86,7 @@ To install a cluster in FIPS mode, follow the instructions to install a customiz To enable FIPS mode for your cluster, you must run the installation program from a {op-system-base} computer configured to operate in FIPS mode. For more information about configuring FIPS mode on RHEL, see link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening[Installing the system in FIPS mode]. ==== -* xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Amazon Web Services] +* xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Amazon Web Services] * xref:../installing/installing_alibaba/installing-alibaba-customizations.adoc#installing-alibaba-customizations[Alibaba Cloud] * xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Microsoft Azure] * xref:../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[Bare metal] diff --git a/installing/installing-preparing.adoc b/installing/installing-preparing.adoc index f49b081cda..b1328a8bf0 100644 --- a/installing/installing-preparing.adoc +++ b/installing/installing-preparing.adoc @@ -54,17 +54,17 @@ Because you need to provision machines as part of the {product-title} cluster in Because the operating system is integral to {product-title}, it is easier to let the installation program for {product-title} stand up all of the infrastructure. These are called _installer provisioned infrastructure_ installations. In this type of installation, you can provide some existing infrastructure to the cluster, but the installation program deploys all of the machines that your cluster initially needs. -You can deploy an installer-provisioned infrastructure cluster without specifying any customizations to the cluster or its underlying machines to xref:../installing/installing_alibaba/installing-alibaba-default.adoc#installing-alibaba-default[Alibaba Cloud], xref:../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[AWS], xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[Azure Stack Hub], xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[GCP], xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. +You can deploy an installer-provisioned infrastructure cluster without specifying any customizations to the cluster or its underlying machines to xref:../installing/installing_alibaba/installing-alibaba-default.adoc#installing-alibaba-default[Alibaba Cloud], xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[AWS], xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[Azure Stack Hub], xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[GCP], xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. -If you need to perform basic configuration for your installer-provisioned infrastructure cluster, such as the instance type for the cluster machines, you can customize an installation for xref:../installing/installing_alibaba/installing-alibaba-customizations.adoc#installing-alibaba-customizations[Alibaba Cloud], xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[AWS], xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[GCP], xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. +If you need to perform basic configuration for your installer-provisioned infrastructure cluster, such as the instance type for the cluster machines, you can customize an installation for xref:../installing/installing_alibaba/installing-alibaba-customizations.adoc#installing-alibaba-customizations[Alibaba Cloud], xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[AWS], xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[GCP], xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. -For installer-provisioned infrastructure installations, you can use an existing xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[AWS], xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. +For installer-provisioned infrastructure installations, you can use an existing xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[AWS], xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. You can use the installer-provisioned infrastructure method to create appropriate machine instances on your hardware for xref:../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned.adoc#installing-vsphere-installer-provisioned[vSphere], and xref:../installing/installing_bare_metal_ipi/ipi-install-overview#ipi-install-overview[bare metal]. Additionally, for xref:../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned-network-customizations.adoc#installing-vsphere-installer-provisioned-network-customizations[vSphere], you can also customize additional network parameters during installation. -If you want to reuse extensive cloud infrastructure, you can complete a _user-provisioned infrastructure_ installation. With these installations, you manually deploy the machines that your cluster requires during the installation process. If you perform a user-provisioned infrastructure installation on xref:../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS], xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[Azure Stack Hub], you can use the provided templates to help you stand up all of the required components. You can also reuse a shared xref:../installing/installing_gcp/installing-gcp-user-infra-vpc.adoc#installing-gcp-user-infra-vpc[VPC on GCP]. Otherwise, you can use the xref:../installing/installing_platform_agnostic/installing-platform-agnostic.adoc#installing-platform-agnostic[provider-agnostic] installation method to deploy a cluster into other clouds. +If you want to reuse extensive cloud infrastructure, you can complete a _user-provisioned infrastructure_ installation. With these installations, you manually deploy the machines that your cluster requires during the installation process. If you perform a user-provisioned infrastructure installation on xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS], xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[Azure Stack Hub], you can use the provided templates to help you stand up all of the required components. You can also reuse a shared xref:../installing/installing_gcp/installing-gcp-user-infra-vpc.adoc#installing-gcp-user-infra-vpc[VPC on GCP]. Otherwise, you can use the xref:../installing/installing_platform_agnostic/installing-platform-agnostic.adoc#installing-platform-agnostic[provider-agnostic] installation method to deploy a cluster into other clouds. You can also complete a user-provisioned infrastructure installation on your existing hardware. If you use xref:../installing/installing_openstack/installing-openstack-user.adoc#installing-openstack-user[{rh-openstack}], xref:../installing/installing_ibm_z/installing-ibm-z.adoc#installing-ibm-z[{ibm-z-name} or {ibm-linuxone-name}], xref:../installing/installing_ibm_z/installing-ibm-z-kvm.adoc#installing-ibm-z-kvm[{ibm-z-name} and {ibm-linuxone-name} with {op-system-base} KVM], xref:../installing/installing_ibm_power/installing-ibm-power.adoc#installing-ibm-power[{ibm-power-title}], or xref:../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[vSphere], use the specific installation instructions to deploy your cluster. If you use other supported hardware, follow the xref:../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[bare metal installation] procedure. For some of these platforms, such as xref:../installing/installing_vsphere/upi/installing-vsphere-network-customizations.adoc#installing-vsphere-network-customizations[vSphere], and xref:../installing/installing_bare_metal/installing-bare-metal-network-customizations.adoc#installing-bare-metal-network-customizations[bare metal], you can also customize additional network parameters during installation. @@ -75,12 +75,12 @@ You can also complete a user-provisioned infrastructure installation on your exi If you use a user-provisioned installation method, you can configure a proxy for your cluster. The instructions are included in each installation procedure. -If you want to prevent your cluster on a public cloud from exposing endpoints externally, you can deploy a private cluster with installer-provisioned infrastructure on xref:../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[AWS], xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[Azure], or xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[GCP]. +If you want to prevent your cluster on a public cloud from exposing endpoints externally, you can deploy a private cluster with installer-provisioned infrastructure on xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[AWS], xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[Azure], or xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[GCP]. -If you need to install your cluster that has limited access to the internet, such as a disconnected or restricted network cluster, you can xref:../installing/disconnected_install/installing-mirroring-installation-images.adoc#installing-mirroring-installation-images[mirror the installation packages] and install the cluster from them. Follow detailed instructions for user provisioned infrastructure installations into restricted networks for xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[GCP], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc#installing-restricted-networks-ibm-z[{ibm-z-name} or {ibm-linuxone-name}], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc#installing-restricted-networks-ibm-z-kvm[{ibm-z-name} or {ibm-linuxone-name} with {op-system-base} KVM], xref:../installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc#installing-restricted-networks-ibm-power[{ibm-power-name}], xref:../installing/installing_vsphere/upi/installing-restricted-networks-vsphere.adoc#installing-restricted-networks-vsphere[vSphere], or xref:../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal]. You can also install a cluster into a restricted network using installer-provisioned infrastructure by following detailed instructions for xref:../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[GCP], xref:../installing/installing_ibm_cloud_public/installing-ibm-cloud-restricted.adoc#installing-ibm-cloud-restricted[{ibm-cloud-name}], xref:../installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc#installing-restricted-networks-nutanix-installer-provisioned[Nutanix], xref:../installing/installing_openstack/installing-openstack-installer-restricted.adoc#installing-openstack-installer-restricted[{rh-openstack}], and xref:../installing/installing_vsphere/ipi/installing-restricted-networks-installer-provisioned-vsphere.adoc#installing-restricted-networks-installer-provisioned-vsphere[vSphere]. +If you need to install your cluster that has limited access to the internet, such as a disconnected or restricted network cluster, you can xref:../installing/disconnected_install/installing-mirroring-installation-images.adoc#installing-mirroring-installation-images[mirror the installation packages] and install the cluster from them. Follow detailed instructions for user-provisioned infrastructure installations into restricted networks for xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[GCP], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc#installing-restricted-networks-ibm-z[{ibm-z-name} or {ibm-linuxone-name}], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc#installing-restricted-networks-ibm-z-kvm[{ibm-z-name} or {ibm-linuxone-name} with {op-system-base} KVM], xref:../installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc#installing-restricted-networks-ibm-power[{ibm-power-name}], xref:../installing/installing_vsphere/upi/installing-restricted-networks-vsphere.adoc#installing-restricted-networks-vsphere[vSphere], or xref:../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal]. You can also install a cluster into a restricted network using installer-provisioned infrastructure by following detailed instructions for xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[GCP], xref:../installing/installing_ibm_cloud_public/installing-ibm-cloud-restricted.adoc#installing-ibm-cloud-restricted[{ibm-cloud-name}], xref:../installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc#installing-restricted-networks-nutanix-installer-provisioned[Nutanix], xref:../installing/installing_openstack/installing-openstack-installer-restricted.adoc#installing-openstack-installer-restricted[{rh-openstack}], and xref:../installing/installing_vsphere/ipi/installing-restricted-networks-installer-provisioned-vsphere.adoc#installing-restricted-networks-installer-provisioned-vsphere[vSphere]. -If you need to deploy your cluster to an xref:../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-government-region[AWS GovCloud region], xref:../installing/installing_aws/installing-aws-china.adoc#installing-aws-china-region[AWS China region], or xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[Azure government region], you can configure those custom regions during an installer-provisioned infrastructure installation. +If you need to deploy your cluster to an xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[AWS GovCloud region], xref:../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-china-region[AWS China region], or xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[Azure government region], you can configure those custom regions during an installer-provisioned infrastructure installation. ifndef::openshift-origin[] You can also configure the cluster machines to use the {op-system-base} cryptographic libraries that have been submitted to NIST for xref:../installing/installing-fips.adoc#installing-fips[FIPS 140-2/140-3 Validation] during installation. @@ -135,8 +135,8 @@ ifndef::openshift-origin[] |Default |xref:../installing/installing_alibaba/installing-alibaba-default.adoc#installing-alibaba-default[✓] -|xref:../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[✓] -|xref:../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[✓] +|xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] +|xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] |xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[✓] @@ -154,8 +154,8 @@ ifndef::openshift-origin[] |Custom |xref:../installing/installing_alibaba/installing-alibaba-customizations.adoc#installing-alibaba-customizations[✓] -|xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[✓] -|xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] |xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] |xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[✓] @@ -174,8 +174,8 @@ ifndef::openshift-origin[] |Network customization |xref:../installing/installing_alibaba/installing-alibaba-network-customizations.adoc#installing-alibaba-network-customizations[✓] -|xref:../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] -|xref:../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] |xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] @@ -193,8 +193,8 @@ ifndef::openshift-origin[] |Restricted network | -|xref:../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] -|xref:../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] +|xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] +|xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] |xref:../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] |xref:../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] | @@ -212,8 +212,8 @@ ifndef::openshift-origin[] |Private clusters | -|xref:../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[✓] -|xref:../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[✓] +|xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] +|xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] |xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] |xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] | @@ -231,8 +231,8 @@ ifndef::openshift-origin[] |Existing virtual private networks | -|xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[✓] -|xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[✓] +|xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] +|xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] |xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] |xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] | @@ -250,7 +250,7 @@ ifndef::openshift-origin[] |Government regions | -|xref:../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-government-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[✓] | |xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[✓] | @@ -269,7 +269,7 @@ ifndef::openshift-origin[] |Secret regions | -|xref:../installing/installing_aws/installing-aws-secret-region.adoc#installing-aws-secret-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-secret-region.adoc#installing-aws-secret-region[✓] | | | @@ -288,7 +288,7 @@ ifndef::openshift-origin[] |China regions | -|xref:../installing/installing_aws/installing-aws-china.adoc#installing-aws-china-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-china-region[✓] | | | @@ -315,7 +315,7 @@ ifdef::openshift-origin[] |Default |xref:../installing/installing_alibaba/installing-alibaba-default.adoc#installing-alibaba-default[✓] -|xref:../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[✓] +|xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] |xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[✓] @@ -329,7 +329,7 @@ ifdef::openshift-origin[] |Custom |xref:../installing/installing_alibaba/installing-alibaba-customizations.adoc#installing-alibaba-customizations[✓] -|xref:../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] |xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] |xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[✓] @@ -343,7 +343,7 @@ ifdef::openshift-origin[] |Network customization |xref:../installing/installing_alibaba/installing-alibaba-network-customizations.adoc#installing-alibaba-network-customizations[✓] -|xref:../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] +|xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] |xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] |xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[✓] @@ -357,7 +357,7 @@ ifdef::openshift-origin[] |Restricted network | -|xref:../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] +|xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] | | |xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[✓] @@ -371,7 +371,7 @@ ifdef::openshift-origin[] |Private clusters | -|xref:../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[✓] +|xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] |xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] | |xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[✓] @@ -385,7 +385,7 @@ ifdef::openshift-origin[] |Existing virtual private networks | -|xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[✓] +|xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] |xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] | |xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[✓] @@ -399,7 +399,7 @@ ifdef::openshift-origin[] |Government regions | -|xref:../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-government-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[✓] |xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[✓] | | @@ -413,7 +413,7 @@ ifdef::openshift-origin[] |Secret regions | -|xref:../installing/installing_aws/installing-aws-secret-region.adoc#installing-aws-secret-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-secret-region.adoc#installing-aws-secret-region[✓] | | | @@ -427,7 +427,7 @@ ifdef::openshift-origin[] |China regions | -|xref:../installing/installing_aws/installing-aws-china.adoc#installing-aws-china-region[✓] +|xref:../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-china-region[✓] | | | @@ -450,8 +450,8 @@ ifndef::openshift-origin[] |Custom | -|xref:../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] -|xref:../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] +|xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] +|xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] |xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] |xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[✓] @@ -491,8 +491,8 @@ ifndef::openshift-origin[] |Restricted network | -|xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] -|xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] +|xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] +|xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] | | | @@ -540,7 +540,7 @@ ifdef::openshift-origin[] |Custom | -|xref:../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] +|xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] |xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[✓] |xref:../installing/installing_gcp/installing-gcp-user-infra.adoc#installing-gcp-user-infra[✓] @@ -573,7 +573,7 @@ ifdef::openshift-origin[] |Restricted network | -|xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] +|xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[✓] | | |xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[✓] diff --git a/installing/installing_aws/installing-aws-account.adoc b/installing/installing_aws/installing-aws-account.adoc index 522cf3f88e..dd13472620 100644 --- a/installing/installing_aws/installing-aws-account.adoc +++ b/installing/installing_aws/installing-aws-account.adoc @@ -26,7 +26,7 @@ include::modules/installation-aws-add-iam-roles.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* See xref:../../installing/installing_aws/installing-aws-customizations.adoc#installation-launching-installer_installing-aws-customizations[Deploying the cluster]. +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installation-launching-installer_installing-aws-customizations[Deploying the cluster] include::modules/installation-aws-access-analyzer.adoc[leveloffset=+2] @@ -37,7 +37,7 @@ include::modules/installation-aws-regions.adoc[leveloffset=+1] == Next steps * Install an {product-title} cluster: -** xref:../../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[Quickly install a cluster] with default options on installer-provisioned infrastructure -** xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] \ No newline at end of file +** xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Quickly install a cluster] with default options on installer-provisioned infrastructure +** xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] \ No newline at end of file diff --git a/installing/installing_aws/installing-aws-three-node.adoc b/installing/installing_aws/installing-aws-three-node.adoc index c681ed042a..c4237f6896 100644 --- a/installing/installing_aws/installing-aws-three-node.adoc +++ b/installing/installing_aws/installing-aws-three-node.adoc @@ -18,5 +18,5 @@ Deploying a three-node cluster using an AWS Marketplace image is not supported. include::modules/installation-three-node-cluster-cloud-provider.adoc[leveloffset=+1] == Next steps -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] -* xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] +* xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] diff --git a/installing/installing_aws/ipi/_attributes b/installing/installing_aws/ipi/_attributes new file mode 120000 index 0000000000..cd86bd826c --- /dev/null +++ b/installing/installing_aws/ipi/_attributes @@ -0,0 +1 @@ +../../../_attributes \ No newline at end of file diff --git a/installing/installing_aws/ipi/images b/installing/installing_aws/ipi/images new file mode 120000 index 0000000000..4dd3347de1 --- /dev/null +++ b/installing/installing_aws/ipi/images @@ -0,0 +1 @@ +../../../images \ No newline at end of file diff --git a/installing/installing_aws/installing-aws-china.adoc b/installing/installing_aws/ipi/installing-aws-china.adoc similarity index 64% rename from installing/installing_aws/installing-aws-china.adoc rename to installing/installing_aws/ipi/installing-aws-china.adoc index af2857959a..3b3caa0ee2 100644 --- a/installing/installing_aws/installing-aws-china.adoc +++ b/installing/installing_aws/ipi/installing-aws-china.adoc @@ -14,10 +14,10 @@ In {product-title} version {product-version}, you can install a cluster to the f == Prerequisites * You have an Internet Content Provider (ICP) license. -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. [IMPORTANT] ==== @@ -44,7 +44,7 @@ include::modules/installation-initializing-manual.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-aws-config-yaml.adoc[leveloffset=+2] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] @@ -52,7 +52,7 @@ include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -69,9 +69,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-china.adoc#manually-create-iam_installing-aws-china-region[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-china.adoc#manually-create-iam_installing-aws-china-region[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-china.adoc#installing-aws-with-short-term-creds_installing-aws-china-region[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-with-short-term-creds_installing-aws-china-region[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -91,9 +91,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-at-once_installing-aws-china-region[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-china.adoc#cco-ccoctl-creating-at-once_installing-aws-china-region[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-china.adoc#cco-ccoctl-creating-individually_installing-aws-china-region[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-china.adoc#cco-ccoctl-creating-individually_installing-aws-china-region[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -115,12 +115,12 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-customizations.adoc b/installing/installing_aws/ipi/installing-aws-customizations.adoc similarity index 64% rename from installing/installing_aws/installing-aws-customizations.adoc rename to installing/installing_aws/ipi/installing-aws-customizations.adoc index 2011773361..c1ba4a8f34 100644 --- a/installing/installing_aws/installing-aws-customizations.adoc +++ b/installing/installing_aws/ipi/installing-aws-customizations.adoc @@ -19,15 +19,15 @@ The scope of the {product-title} installation configurations is intentionally na == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/cluster-entitlements.adoc[leveloffset=+1] @@ -41,14 +41,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] @@ -66,9 +66,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -88,9 +88,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -110,18 +110,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-default.adoc b/installing/installing_aws/ipi/installing-aws-default.adoc similarity index 52% rename from installing/installing_aws/installing-aws-default.adoc rename to installing/installing_aws/ipi/installing-aws-default.adoc index 0c59c12608..955815c969 100644 --- a/installing/installing_aws/installing-aws-default.adoc +++ b/installing/installing_aws/ipi/installing-aws-default.adoc @@ -11,15 +11,15 @@ Amazon Web Services (AWS) that uses the default configuration options. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/cluster-entitlements.adoc[leveloffset=+1] @@ -43,18 +43,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-government-region.adoc b/installing/installing_aws/ipi/installing-aws-government-region.adoc similarity index 64% rename from installing/installing_aws/installing-aws-government-region.adoc rename to installing/installing_aws/ipi/installing-aws-government-region.adoc index 11bdcbb9fb..efb6bc0655 100644 --- a/installing/installing_aws/installing-aws-government-region.adoc +++ b/installing/installing_aws/ipi/installing-aws-government-region.adoc @@ -13,15 +13,15 @@ install the cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/installation-aws-about-government-region.adoc[leveloffset=+1] @@ -45,14 +45,14 @@ include::modules/installation-initializing-manual.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -70,9 +70,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-government-region.adoc#manually-create-iam_installing-aws-government-region[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-government-region.adoc#manually-create-iam_installing-aws-government-region[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-with-short-term-creds_installing-aws-government-region[Incorporating the Cloud Credential Operator utility manifests]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-with-short-term-creds_installing-aws-government-region[Incorporating the Cloud Credential Operator utility manifests]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -92,9 +92,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-at-once_installing-aws-government-region[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-government-region.adoc#cco-ccoctl-creating-at-once_installing-aws-government-region[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-government-region.adoc#cco-ccoctl-creating-individually_installing-aws-government-region[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-government-region.adoc#cco-ccoctl-creating-individually_installing-aws-government-region[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -114,18 +114,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-localzone.adoc b/installing/installing_aws/ipi/installing-aws-localzone.adoc similarity index 62% rename from installing/installing_aws/installing-aws-localzone.adoc rename to installing/installing_aws/ipi/installing-aws-localzone.adoc index 0dceb7b41b..2d073e838d 100644 --- a/installing/installing_aws/installing-aws-localzone.adoc +++ b/installing/installing_aws/ipi/installing-aws-localzone.adoc @@ -12,7 +12,40 @@ You can quickly install an {product-title} cluster on Amazon Web Services (AWS) AWS {zone-type} is an infrastructure that place Cloud Resources close to metropolitan regions. For more information, see the link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-local-zones[AWS Local Zones Documentation]. // Infrastructure prerequisites -include::modules/aws-zones-prerequisites.adoc[leveloffset=+1] +[id="aws-zones-prerequisites_{context}"] +== Infrastructure prerequisites + +* You reviewed details about xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You are familiar with xref:../../../installing/installing-preparing.adoc#installing-preparing[Selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. ++ +[WARNING] +==== +If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. +==== +* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster must access. +* You noted the region and supported link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/locations[AWS Local Zones locations] to create the network resources in. +* You read the link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/features/[AWS Local Zones features] in the AWS documentation. +* You added permissions for creating network resources that support AWS Local Zones to the Identity and Access Management (IAM) user or role. The following example enables a zone group that can provide a user or role access for creating network network resources that support AWS {zone-type}. ++ +.Example of an additional IAM policy with the `ec2:ModifyAvailabilityZoneGroup` permission attached to an IAM user or role. ++ +[source,yaml] +---- +{ + "Version": "2012-10-17", + "Statement": [ + { + "Action": [ + "ec2:ModifyAvailabilityZoneGroup" + ], + "Effect": "Allow", + "Resource": "*" + } + ] +} +---- [id="installation-about-local-zone-edge-compute-pool_{context}"] == About AWS Local Zones and edge compute pool @@ -28,16 +61,16 @@ include::modules/edge-machine-pools-aws-local-zones.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] -* xref:../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] -* xref:../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] -* xref:../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] -* xref:../../networking/ingress-sharding.html#nw-ingress-sharding_ingress-sharding[Ingress Controller sharding] +* xref:../../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] +* xref:../../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] +* xref:../../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] +* xref:../../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] +* xref:../../../networking/ingress-sharding.adoc#nw-ingress-sharding_ingress-sharding[Ingress Controller sharding] [id="installation-prereqs-aws-local-zone_{context}"] == Installation prerequisites -Before you install a cluster in an AWS {zone-type} environment, you must configure your infrastructure so that it can adopt Local Zone capabilities. +Before you install a cluster in an AWS {zone-type} environment, you must configure your infrastructure so that it can adopt Local Zone capabilities. // Opting in to AWS Local Zones include::modules/installation-aws-add-zone-locations.adoc[leveloffset=+2] @@ -94,8 +127,8 @@ include::modules/aws-cluster-installation-options-aws-lzs.adoc[leveloffset=+1] Choose one of the following options to install an {product-title} cluster in an AWS {zone-type} environment: -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#installation-cluster-quickly-extend-compute-nodes_installing-aws-localzone[Installing a cluster quickly in AWS Local Zones] -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#creating-aws-local-zone-environment-existing_installing-aws-localzone[Installing a cluster in an existing VPC with defined Local Zone subnets] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#installation-cluster-quickly-extend-compute-nodes_installing-aws-localzone[Installing a cluster quickly in AWS Local Zones] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#creating-aws-local-zone-environment-existing_installing-aws-localzone[Installing a cluster in an existing VPC with defined AWS Local Zone subnets] // Installing a cluster quickly in AWS Local Zones include::modules/installation-cluster-quickly-extend-compute-nodes.adoc[leveloffset=+1] @@ -106,12 +139,12 @@ include::modules/install-creating-install-config-aws-edge-zones.adoc[leveloffset [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#installation-generate-aws-user-infra-install-config_installing-aws-localzone[Creating the installation configuration file] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#installation-generate-aws-user-infra-install-config_installing-aws-localzone[Creating the installation configuration file] -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#cluster-limitations-aws-zone_installing-aws-localzone[Cluster limitations in AWS Local Zones] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#cluster-limitations-aws-zone_installing-aws-localzone[Cluster limitations in AWS Local Zones] .Next steps -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#installation-launching-installer_installing-aws-localzone[Deploying the cluster] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#installation-launching-installer_installing-aws-localzone[Deploying the cluster] [id="creating-aws-local-zone-environment-existing_{context}"] == Installing a cluster in an existing VPC that has Local Zone subnets @@ -161,7 +194,7 @@ include::modules/installing-aws-edge-zones-custom-vpc-config.adoc[leveloffset=+2 * For more information about AWS profile and credential configuration, see link:https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html[Configuration and credential file settings] in the AWS documentation. .Next steps -* xref:../../installing/installing_aws/installing-aws-localzone.adoc#installation-launching-installer_installing-aws-localzone[Deploying the cluster] +* xref:../../../installing/installing_aws/ipi/installing-aws-localzone.adoc#installation-launching-installer_installing-aws-localzone[Deploying the cluster] // Optional: AWS security groups include::modules/installation-aws-security-groups.adoc[leveloffset=+1] @@ -186,7 +219,7 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more information about accessing and understanding the {product-title} web console, see xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] // Verifying nodes that were created with edge compute pool include::modules/machine-edge-pool-review-nodes.adoc[leveloffset=+2] @@ -197,10 +230,10 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* For more information about the Telemetry service, see xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring]. +* xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] .Next steps -//* xref:../../post_installation_configuration/aws-compute-edge-zone-tasks#installation-extend-edge-nodes-aws-local-zones_aws-compute-edge-zone-tasks[Creating user workloads in AWS Local Zones or Wavelength Zones] -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health]. +//* xref:../../../post_installation_configuration/aws-compute-edge-zone-tasks#installation-extend-edge-nodes-aws-local-zones_aws-compute-edge-zone-tasks[Creating user workloads in AWS Local Zones or Wavelength Zones] +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health]. diff --git a/installing/installing_aws/installing-aws-network-customizations.adoc b/installing/installing_aws/ipi/installing-aws-network-customizations.adoc similarity index 62% rename from installing/installing_aws/installing-aws-network-customizations.adoc rename to installing/installing_aws/ipi/installing-aws-network-customizations.adoc index 40ed1e87a3..7767ec5f92 100644 --- a/installing/installing_aws/installing-aws-network-customizations.adoc +++ b/installing/installing_aws/ipi/installing-aws-network-customizations.adoc @@ -18,15 +18,15 @@ cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. // TODO // Concept that describes networking @@ -42,14 +42,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -66,9 +66,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#manually-create-iam_installing-aws-network-customizations[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#manually-create-iam_installing-aws-network-customizations[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-network-customizations[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-network-customizations[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -88,9 +88,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-network-customizations[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-network-customizations[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-network-customizations[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-network-customizations[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -108,7 +108,7 @@ include::modules/nw-modifying-operator-install-config.adoc[leveloffset=+1] [NOTE] ==== -For more information on using a Network Load Balancer (NLB) on AWS, see xref:../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc#configuring-ingress-cluster-traffic-aws-network-load-balancer[Configuring Ingress cluster traffic on AWS using a Network Load Balancer]. +For more information on using a Network Load Balancer (NLB) on AWS, see xref:../../../networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc#nw-configuring-ingress-cluster-traffic-aws-network-load-balancer_configuring-ingress-cluster-traffic-aws[Configuring Ingress cluster traffic on AWS using a Network Load Balancer]. ==== include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+1] @@ -118,7 +118,7 @@ include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] [NOTE] ==== -For more information on using Linux and Windows nodes in the same cluster, see xref:../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads]. +For more information on using Linux and Windows nodes in the same cluster, see xref:../../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads]. ==== @@ -131,18 +131,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-outposts.adoc b/installing/installing_aws/ipi/installing-aws-outposts.adoc similarity index 52% rename from installing/installing_aws/installing-aws-outposts.adoc rename to installing/installing_aws/ipi/installing-aws-outposts.adoc index 6022ad9c21..7c0d4e7f5f 100644 --- a/installing/installing_aws/installing-aws-outposts.adoc +++ b/installing/installing_aws/ipi/installing-aws-outposts.adoc @@ -8,6 +8,6 @@ toc::[] In {product-title} version 4.14, you could install a cluster on Amazon Web Services (AWS) with compute nodes running in AWS Outposts as a Technology Preview. As of {product-title} version 4.15, this installation method is no longer supported. -Instead, you can xref:../../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[install a cluster on AWS into an existing VPC] and provision compute nodes on AWS Outposts as a postinstallation configuration task. +Instead, you can xref:../../../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[install a cluster on AWS into an existing VPC] and provision compute nodes on AWS Outposts as a postinstallation configuration task. -For more information, see xref:../../post_installation_configuration/configuring-aws-outposts.adoc#configuring-aws-outposts[Extending an AWS VPC cluster into an AWS Outpost] \ No newline at end of file +For more information, see xref:../../../post_installation_configuration/configuring-aws-outposts.adoc#configuring-aws-outposts[Extending an AWS VPC cluster into an AWS Outpost] \ No newline at end of file diff --git a/installing/installing_aws/installing-aws-private.adoc b/installing/installing_aws/ipi/installing-aws-private.adoc similarity index 64% rename from installing/installing_aws/installing-aws-private.adoc rename to installing/installing_aws/ipi/installing-aws-private.adoc index 76705a4ef3..8780569ed0 100644 --- a/installing/installing_aws/installing-aws-private.adoc +++ b/installing/installing_aws/ipi/installing-aws-private.adoc @@ -11,15 +11,15 @@ parameters in the `install-config.yaml` file before you install the cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/private-clusters-default.adoc[leveloffset=+1] @@ -38,14 +38,14 @@ include::modules/installation-initializing-manual.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -64,9 +64,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-private.adoc#manually-create-iam_installing-aws-private[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-private.adoc#manually-create-iam_installing-aws-private[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-private.adoc#installing-aws-with-short-term-creds_installing-aws-private[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-with-short-term-creds_installing-aws-private[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -86,9 +86,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-private.adoc#cco-ccoctl-creating-at-once_installing-aws-private[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-private.adoc#cco-ccoctl-creating-at-once_installing-aws-private[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-private.adoc#cco-ccoctl-creating-individually_installing-aws-private[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-private.adoc#cco-ccoctl-creating-individually_installing-aws-private[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -108,18 +108,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-secret-region.adoc b/installing/installing_aws/ipi/installing-aws-secret-region.adoc similarity index 67% rename from installing/installing_aws/installing-aws-secret-region.adoc rename to installing/installing_aws/ipi/installing-aws-secret-region.adoc index 926609adc0..2c6859bcd5 100644 --- a/installing/installing_aws/installing-aws-secret-region.adoc +++ b/installing/installing_aws/ipi/installing-aws-secret-region.adoc @@ -16,15 +16,15 @@ To configure a cluster in either region, you change parameters in the `install c [id="prerequisites_installing-aws-secret-region"] == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multifactor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/installation-aws-about-government-region.adoc[leveloffset=+1] @@ -48,7 +48,7 @@ include::modules/installation-initializing-manual.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-config-yaml.adoc[leveloffset=+2] @@ -63,9 +63,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-secret-region.adoc#manually-create-iam_installing-aws-secret-region[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-secret-region.adoc#manually-create-iam_installing-aws-secret-region[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-secret-region.adoc#installing-aws-with-short-term-creds_installing-aws-secret-region[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-secret-region.adoc#installing-aws-with-short-term-creds_installing-aws-secret-region[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -85,9 +85,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-secret-region.adoc#cco-ccoctl-creating-at-once_installing-aws-secret-region[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-secret-region.adoc#cco-ccoctl-creating-at-once_installing-aws-secret-region[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-secret-region.adoc#cco-ccoctl-creating-individually_installing-aws-secret-region[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-secret-region.adoc#cco-ccoctl-creating-individually_installing-aws-secret-region[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -107,18 +107,18 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] [id="additional-resources_installing-aws-secret-region_console"] .Additional resources -* xref:../../web_console/web-console.adoc#web-console[Accessing the web console] +* xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] [id="additional-resources_installing-aws-secret-region_telemetry"] .Additional resources -* xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] +* xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] [id="next-steps_installing-aws-secret-region"] == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-aws-vpc.adoc b/installing/installing_aws/ipi/installing-aws-vpc.adoc similarity index 64% rename from installing/installing_aws/installing-aws-vpc.adoc rename to installing/installing_aws/ipi/installing-aws-vpc.adoc index 4f74e37948..8ff449ef27 100644 --- a/installing/installing_aws/installing-aws-vpc.adoc +++ b/installing/installing_aws/ipi/installing-aws-vpc.adoc @@ -11,16 +11,16 @@ parameters in the `install-config.yaml` file before you install the cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. * If the existing VPC is owned by a different account than the cluster, you link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html[shared the VPC] between accounts. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/installation-custom-aws-vpc.adoc[leveloffset=+1] include::modules/installation-aws-security-groups.adoc[leveloffset=+2] @@ -36,14 +36,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -62,9 +62,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-aws-vpc.adoc#manually-create-iam_installing-aws-vpc[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-vpc.adoc#manually-create-iam_installing-aws-vpc[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-with-short-term-creds_installing-aws-vpc[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-with-short-term-creds_installing-aws-vpc[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -84,9 +84,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-aws-vpc.adoc#cco-ccoctl-creating-at-once_installing-aws-vpc[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-vpc.adoc#cco-ccoctl-creating-at-once_installing-aws-vpc[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-aws-vpc.adoc#cco-ccoctl-creating-individually_installing-aws-vpc[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-vpc.adoc#cco-ccoctl-creating-individually_installing-aws-vpc[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -106,19 +106,19 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. -* After installing a cluster on AWS into an existing VPC, you can xref:../../post_installation_configuration/configuring-aws-outposts.adoc#configuring-aws-outposts[extend the AWS VPC cluster into an AWS Outpost]. \ No newline at end of file +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* After installing a cluster on AWS into an existing VPC, you can xref:../../../post_installation_configuration/configuring-aws-outposts.adoc#configuring-aws-outposts[extend the AWS VPC cluster into an AWS Outpost]. \ No newline at end of file diff --git a/installing/installing_aws/installing-aws-wavelength-zone.adoc b/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc similarity index 60% rename from installing/installing_aws/installing-aws-wavelength-zone.adoc rename to installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc index d2048a2d65..049a723490 100644 --- a/installing/installing_aws/installing-aws-wavelength-zone.adoc +++ b/installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc @@ -9,9 +9,9 @@ toc::[] You can quickly install an {product-title} cluster on Amazon Web Services (AWS) {zone-type} by setting the zone names in the edge compute pool of the `install-config.yaml` file, or install a cluster in an existing Amazon Virtual Private Cloud (VPC) with Wavelength Zone subnets. -AWS {zone-type} is an infrastructure that AWS configured for mobile edge computing (MEC) applications. +AWS {zone-type} is an infrastructure that AWS configured for mobile edge computing (MEC) applications. -A Wavelength Zone embeds AWS compute and storage services within the 5G network of a communication service provider (CSP). By placing application servers in a Wavelength Zone, the application traffic from your 5G devices can stay in the 5G network. The application traffic of the device reaches the target server directly, making latency a non-issue. +A Wavelength Zone embeds AWS compute and storage services within the 5G network of a communication service provider (CSP). By placing application servers in a Wavelength Zone, the application traffic from your 5G devices can stay in the 5G network. The application traffic of the device reaches the target server directly, making latency a non-issue. [role="_additional-resources"] .Additional resources @@ -19,7 +19,49 @@ A Wavelength Zone embeds AWS compute and storage services within the 5G network * See link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-wavelength-zones[Wavelength Zones] in the AWS documentation. // Infrastructure prerequisites -include::modules/aws-zones-prerequisites.adoc[leveloffset=+1] +[id="aws-zones-prerequisites_{context}"] +== Infrastructure prerequisites + +* You reviewed details about xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You are familiar with xref:../../../installing/installing-preparing.adoc#installing-preparing[Selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. ++ +[WARNING] +==== +If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. +==== +* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster must access. +* You noted the region and supported link:https://aws.amazon.com/wavelength/locations[AWS Wavelength Zone locations] to create the network resources in. +* You read link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/features/[AWS Wavelength features] in the AWS documentation. +* You read the link:https://docs.aws.amazon.com/wavelength/latest/developerguide/wavelength-quotas.html[Quotas and considerations for Wavelength Zones] in the AWS documentation. +* You added permissions for creating network resources that support AWS Wavelength Zones to the Identity and Access Management (IAM) user or role. For example: ++ +.Example of an additional IAM policy that attached `ec2:ModifyAvailabilityZoneGroup`, `ec2:CreateCarrierGateway`, and `ec2:DeleteCarrierGateway` permissions to a user or role ++ +[source,yaml] +---- +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "ec2:DeleteCarrierGateway", + "ec2:CreateCarrierGateway" + ], + "Resource": "*" + }, + { + "Action": [ + "ec2:ModifyAvailabilityZoneGroup" + ], + "Effect": "Allow", + "Resource": "*" + } + ] +} +---- [id="about-aws-wavelength-zone-edge-compute-pool_{context}"] == About AWS Wavelength Zones and edge compute pool @@ -35,16 +77,16 @@ include::modules/edge-machine-pools-aws-local-zones.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] -* xref:../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] -* xref:../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] -* xref:../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] -* xref:../../networking/ingress-sharding.html#nw-ingress-sharding_ingress-sharding[Ingress Controller sharding] +* xref:../../../networking/changing-cluster-network-mtu.adoc#mtu-value-selection_changing-cluster-network-mtu[MTU value selection] +* xref:../../../networking/changing-cluster-network-mtu.adoc#nw-ovn-ipsec-enable_configuring-ipsec-ovn[Changing the MTU for the cluster network] +* xref:../../../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] +* xref:../../../storage/understanding-persistent-storage.adoc#pvc-storage-class_understanding-persistent-storage[Storage classes] +* xref:../../../networking/ingress-sharding.adoc#nw-ingress-sharding_ingress-sharding[Ingress Controller sharding] [id="installation-prereqs-aws-wavelength-zone_{context}"] == Installation prerequisites -Before you install a cluster in an AWS {zone-type} environment, you must configure your infrastructure so that it can adopt Wavelength Zone capabilities. +Before you install a cluster in an AWS {zone-type} environment, you must configure your infrastructure so that it can adopt Wavelength Zone capabilities. // Opting in to AWS Zones include::modules/installation-aws-add-zone-locations.adoc[leveloffset=+2] @@ -96,8 +138,8 @@ include::modules/aws-cluster-installation-options-aws-lzs.adoc[leveloffset=+1] Choose one of the following options to install an {product-title} cluster in an AWS {zone-type} environment: -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#installation-cluster-quickly-extend-compute-nodes_installing-aws-wavelength-zone[Installing a cluster quickly in AWS Wavelength Zones] -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#install-creating-install-config-aws-edge-zones_installing-aws-wavelength-zone[Modifying an installation configuration file to use AWS Wavelength Zones] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installation-cluster-quickly-extend-compute-nodes_installing-aws-wavelength-zone[Installing a cluster quickly in AWS Wavelength Zones] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#install-creating-install-config-aws-edge-zones_installing-aws-wavelength-zone[Modifying an installation configuration file to use AWS Wavelength Zones] // Installing a cluster quickly in AWS Wavelength Zones include::modules/installation-cluster-quickly-extend-compute-nodes.adoc[leveloffset=+1] @@ -108,12 +150,12 @@ include::modules/install-creating-install-config-aws-edge-zones.adoc[leveloffset [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#installation-generate-aws-user-infra-install-config_installing-aws-wavelength-zone[Creating the installation configuration file] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installation-generate-aws-user-infra-install-config_installing-aws-wavelength-zone[Creating the installation configuration file] -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#cluster-limitations-aws-zone_installing-aws-wavelength-zone[Cluster limitations in AWS {zone-type}] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#cluster-limitations-aws-zone_installing-aws-wavelength-zone[Cluster limitations in AWS {zone-type}] .Next steps -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#installation-launching-installer_installing-aws-wavelength-zone[Deploying the cluster] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installation-launching-installer_installing-aws-wavelength-zone[Deploying the cluster] [id="creating-aws-wavelength-zone-environment-existing_{context}"] == Installing a cluster in an existing VPC that has Wavelength Zone subnets @@ -162,7 +204,7 @@ include::modules/installing-aws-edge-zones-custom-vpc-config.adoc[leveloffset=+2 * For more information about AWS profile and credential configuration, see link:https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html[Configuration and credential file settings] in the AWS documentation. .Next steps -* xref:../../installing/installing_aws/installing-aws-wavelength-zone.adoc#installation-launching-installer_installing-aws-wavelength-zone[Deploying the cluster] +* xref:../../../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installation-launching-installer_installing-aws-wavelength-zone[Deploying the cluster] // Assign public IP to edge compute nodes (optional) include::modules/installing-with-edge-node-public.adoc[leveloffset=+1] @@ -190,7 +232,7 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more information about accessing and understanding the {product-title} web console, see xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] // Verifying nodes that were created with edge compute pool include::modules/machine-edge-pool-review-nodes.adoc[leveloffset=+2] @@ -201,10 +243,10 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* For more information about the Telemetry service, see xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring]. +* xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] .Next steps -//* xref:../../post_installation_configuration/aws-compute-edge-zone-tasks#installation-extend-edge-nodes-aws-local-zones_aws-compute-edge-zone-tasks[Creating user workloads in AWS Local Zones or Wavelength Zones] -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health]. +//* xref:../../../post_installation_configuration/aws-compute-edge-zone-tasks#installation-extend-edge-nodes-aws-local-zones_aws-compute-edge-zone-tasks[Creating user workloads in AWS Local Zones or Wavelength Zones] +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health]. diff --git a/installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc b/installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc similarity index 61% rename from installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc rename to installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc index 59c02c75c0..1809e38be1 100644 --- a/installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc +++ b/installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc @@ -11,9 +11,9 @@ In {product-title} version {product-version}, you can install a cluster on Amazo [id="prerequisites_installing-restricted-networks-aws-installer-provisioned"] == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. + [IMPORTANT] ==== @@ -22,14 +22,14 @@ Because the installation media is on the mirror host, you can use that computer * You have an existing VPC in AWS. When installing to a restricted network using installer-provisioned infrastructure, you cannot use the installer-provisioned VPC. You must use a user-provisioned VPC that satisfies one of the following requirements: ** Contains the mirror registry ** Has firewall rules or a peering connection to access the mirror registry hosted elsewhere -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or Unix)] in the AWS documentation. -* If you use a firewall and plan to use the Telemetry service, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. +* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. +* If you use a firewall and plan to use the Telemetry service, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. + [NOTE] ==== @@ -48,14 +48,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-config-yaml.adoc[leveloffset=+2] @@ -69,9 +69,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-aws-installer-provisioned[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-aws-installer-provisioned[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-aws-with-short-term-creds_installing-restricted-networks-aws-installer-provisioned[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-aws-with-short-term-creds_installing-restricted-networks-aws-installer-provisioned[Configuring an AWS cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -91,9 +91,9 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] You have the following options when creating AWS resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#cco-ccoctl-creating-at-once_installing-restricted-networks-aws-installer-provisioned[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#cco-ccoctl-creating-at-once_installing-restricted-networks-aws-installer-provisioned[Creating AWS resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#cco-ccoctl-creating-individually_installing-restricted-networks-aws-installer-provisioned[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#cco-ccoctl-creating-individually_installing-restricted-networks-aws-installer-provisioned[Creating AWS resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -115,14 +115,14 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service [id="next-steps_installing-restricted-networks-aws-installer-provisioned"] == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validate an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-must-gather-disconnected[Configure image streams] for the Cluster Samples Operator and the `must-gather` tool. -* Learn how to xref:../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[use Operator Lifecycle Manager (OLM) on restricted networks]. -* If the mirror registry that you used to install your cluster has a trusted CA, add it to the cluster by xref:../../openshift_images/image-configuration.adoc#images-configuration-cas_image-configuration[configuring additional trust stores]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validate an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#post-install-must-gather-disconnected[Configure image streams] for the Cluster Samples Operator and the `must-gather` tool. +* Learn how to xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[use Operator Lifecycle Manager (OLM) on restricted networks]. +* If the mirror registry that you used to install your cluster has a trusted CA, add it to the cluster by xref:../../../openshift_images/image-configuration.adoc#images-configuration-cas_image-configuration[configuring additional trust stores]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_aws/ipi/modules b/installing/installing_aws/ipi/modules new file mode 120000 index 0000000000..5be29a99c1 --- /dev/null +++ b/installing/installing_aws/ipi/modules @@ -0,0 +1 @@ +../../../modules \ No newline at end of file diff --git a/installing/installing_aws/ipi/snippets b/installing/installing_aws/ipi/snippets new file mode 120000 index 0000000000..2490678d80 --- /dev/null +++ b/installing/installing_aws/ipi/snippets @@ -0,0 +1 @@ +../../../snippets \ No newline at end of file diff --git a/installing/installing_aws/modules b/installing/installing_aws/modules index 464b823aca..8b0e854007 120000 --- a/installing/installing_aws/modules +++ b/installing/installing_aws/modules @@ -1 +1 @@ -../modules \ No newline at end of file +../../modules \ No newline at end of file diff --git a/installing/installing_aws/preparing-to-install-on-aws.adoc b/installing/installing_aws/preparing-to-install-on-aws.adoc index ec149250ab..919818df04 100644 --- a/installing/installing_aws/preparing-to-install-on-aws.adoc +++ b/installing/installing_aws/preparing-to-install-on-aws.adoc @@ -17,7 +17,7 @@ toc::[] Before installing {product-title} on Amazon Web Services (AWS), you must create an AWS account. See xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Configuring an AWS account] for details about configuring an account, account limits, account permissions, IAM user setup, and supported AWS regions. -If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] or xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[configuring an AWS cluster to use short-term credentials] with Amazon Web Services Security Token Service (AWS STS). +If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] or xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[configuring an AWS cluster to use short-term credentials] with Amazon Web Services Security Token Service (AWS STS). [id="choosing-an-method-to-install-ocp-on-aws"] == Choosing a method to install {product-title} on AWS @@ -29,35 +29,35 @@ See xref:../../architecture/architecture-installation.adoc#installation-process_ [id="choosing-an-method-to-install-ocp-on-aws-single-node"] === Installing a cluster on a single node -Installing {product-title} on a single node alleviates some of the requirements for high availability and large scale clusters. However, you must address the xref:../../installing/installing_sno/install-sno-preparing-to-install-sno.adoc#install-sno-requirements-for-installing-on-a-single-node_install-sno-preparing[requirements for installing on a single node], and the xref:../../installing/installing_sno/install-sno-installing-sno.adoc#additional-requirements-for-installing-sno-on-a-cloud-provider_install-sno-installing-sno-with-the-assisted-installer[additional requirements for installing {sno} on a cloud provider]. After addressing the requirements for single node installation, use the xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS] procedure to install the cluster. The xref:../../installing/installing_sno/install-sno-installing-sno.adoc#install-sno-installing-sno-manually[installing single-node OpenShift manually] section contains an exemplary `install-config.yaml` file when installing an {product-title} cluster on a single node. +Installing {product-title} on a single node alleviates some of the requirements for high availability and large scale clusters. However, you must address the xref:../../installing/installing_sno/install-sno-preparing-to-install-sno.adoc#install-sno-requirements-for-installing-on-a-single-node_install-sno-preparing[requirements for installing on a single node], and the xref:../../installing/installing_sno/install-sno-installing-sno.adoc#additional-requirements-for-installing-sno-on-a-cloud-provider_install-sno-installing-sno-with-the-assisted-installer[additional requirements for installing {sno} on a cloud provider]. After addressing the requirements for single node installation, use the xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS] procedure to install the cluster. The xref:../../installing/installing_sno/install-sno-installing-sno.adoc#install-sno-installing-sno-manually[installing single-node OpenShift manually] section contains an exemplary `install-config.yaml` file when installing an {product-title} cluster on a single node. [id="choosing-an-method-to-install-ocp-on-aws-installer-provisioned"] === Installing a cluster on installer-provisioned infrastructure You can install a cluster on AWS infrastructure that is provisioned by the {product-title} installation program, by using one of the following methods: -* **xref:../../installing/installing_aws/installing-aws-default.adoc#installing-aws-default[Installing a cluster quickly on AWS]**: You can install {product-title} on AWS infrastructure that is provisioned by the {product-title} installation program. You can install a cluster quickly by using the default configuration options. +* **xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Installing a cluster quickly on AWS]**: You can install {product-title} on AWS infrastructure that is provisioned by the {product-title} installation program. You can install a cluster quickly by using the default configuration options. -* **xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS]**: You can install a customized cluster on AWS infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. +* **xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS]**: You can install a customized cluster on AWS infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. -* **xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]**: You can customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. +* **xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]**: You can customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. -* **xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[Installing a cluster on AWS in a restricted network]**: You can install {product-title} on AWS on installer-provisioned infrastructure by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. +* **xref:../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[Installing a cluster on AWS in a restricted network]**: You can install {product-title} on AWS on installer-provisioned infrastructure by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. -* **xref:../../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[Installing a cluster on an existing Virtual Private Cloud]**: You can install {product-title} on an existing AWS Virtual Private Cloud (VPC). You can use this installation method if you have constraints set by the guidelines of your company, such as limits when creating new accounts or infrastructure. +* **xref:../../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[Installing a cluster on an existing Virtual Private Cloud]**: You can install {product-title} on an existing AWS Virtual Private Cloud (VPC). You can use this installation method if you have constraints set by the guidelines of your company, such as limits when creating new accounts or infrastructure. -* **xref:../../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[Installing a private cluster on an existing VPC]**: You can install a private cluster on an existing AWS VPC. You can use this method to deploy {product-title} on an internal network that is not visible to the internet. +* **xref:../../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[Installing a private cluster on an existing VPC]**: You can install a private cluster on an existing AWS VPC. You can use this method to deploy {product-title} on an internal network that is not visible to the internet. -* **xref:../../installing/installing_aws/installing-aws-government-region.adoc#installing-aws-government-region[Installing a cluster on AWS into a government or secret region]**: {product-title} can be deployed into AWS regions that are specifically designed for US government agencies at the federal, state, and local level, as well as contractors, educational institutions, and other US customers that must run sensitive workloads in the cloud. +* **xref:../../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[Installing a cluster on AWS into a government or secret region]**: {product-title} can be deployed into AWS regions that are specifically designed for US government agencies at the federal, state, and local level, as well as contractors, educational institutions, and other US customers that must run sensitive workloads in the cloud. [id="choosing-an-method-to-install-ocp-on-aws-user-provisioned"] === Installing a cluster on user-provisioned infrastructure You can install a cluster on AWS infrastructure that you provision, by using one of the following methods: -* **xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on AWS infrastructure that you provide]**: You can install {product-title} on AWS infrastructure that you provide. You can use the provided CloudFormation templates to create stacks of AWS resources that represent each of the components required for an {product-title} installation. +* **xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on AWS infrastructure that you provide]**: You can install {product-title} on AWS infrastructure that you provide. You can use the provided CloudFormation templates to create stacks of AWS resources that represent each of the components required for an {product-title} installation. -* **xref:../../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[Installing a cluster on AWS in a restricted network with user-provisioned infrastructure]**: You can install {product-title} on AWS infrastructure that you provide by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. You can also use this installation method to ensure that your clusters only use container images that satisfy your organizational controls on external content. While you can install {product-title} by using the mirrored content, your cluster still requires internet access to use the AWS APIs. +* **xref:../../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[Installing a cluster on AWS in a restricted network with user-provisioned infrastructure]**: You can install {product-title} on AWS infrastructure that you provide by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. You can also use this installation method to ensure that your clusters only use container images that satisfy your organizational controls on external content. While you can install {product-title} by using the mirrored content, your cluster still requires internet access to use the AWS APIs. [id="preparing-to-install-on-aws-next-steps"] == Next steps diff --git a/installing/installing_aws/upi/_attributes b/installing/installing_aws/upi/_attributes new file mode 120000 index 0000000000..cd86bd826c --- /dev/null +++ b/installing/installing_aws/upi/_attributes @@ -0,0 +1 @@ +../../../_attributes \ No newline at end of file diff --git a/installing/installing_aws/upi/images b/installing/installing_aws/upi/images new file mode 120000 index 0000000000..4dd3347de1 --- /dev/null +++ b/installing/installing_aws/upi/images @@ -0,0 +1 @@ +../../../images \ No newline at end of file diff --git a/installing/installing_aws/installing-aws-user-infra.adoc b/installing/installing_aws/upi/installing-aws-user-infra.adoc similarity index 75% rename from installing/installing_aws/installing-aws-user-infra.adoc rename to installing/installing_aws/upi/installing-aws-user-infra.adoc index 735a49a64b..3261096b5a 100644 --- a/installing/installing_aws/installing-aws-user-infra.adoc +++ b/installing/installing_aws/upi/installing-aws-user-infra.adoc @@ -18,22 +18,22 @@ The steps for performing a user-provisioned infrastructure installation are prov == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== * You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. + [NOTE] ==== Be sure to also review this site list if you are configuring a proxy. ==== -* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[manually create and maintain long-term credentials]. +* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[manually create and maintain long-term credentials]. include::modules/cluster-entitlements.adoc[leveloffset=+1] @@ -51,7 +51,7 @@ include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -134,7 +134,7 @@ include::modules/installation-cloudformation-bootstrap.adoc[leveloffset=+2] * You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console]. -* See xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installation-aws-user-infra-rhcos-ami_installing-aws-user-infra[{op-system} AMIs for the AWS infrastructure] for details about the {op-system-first} AMIs for the AWS zones. +* See xref:../../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installation-aws-user-infra-rhcos-ami_installing-aws-user-infra[{op-system} AMIs for the AWS infrastructure] for details about the {op-system-first} AMIs for the AWS zones. include::modules/installation-creating-aws-control-plane.adoc[leveloffset=+1] @@ -169,9 +169,9 @@ include::modules/installation-aws-user-infra-bootstrap.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/troubleshooting/troubleshooting-installations.adoc#monitoring-installation-progress_troubleshooting-installations[Monitoring installation progress] for details about monitoring the installation, bootstrap, and control plane logs as an {product-title} installation progresses. +* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#monitoring-installation-progress_troubleshooting-installations[Monitoring installation progress] for details about monitoring the installation, bootstrap, and control plane logs as an {product-title} installation progresses. -* See xref:../../support/troubleshooting/troubleshooting-installations.adoc#gathering-bootstrap-diagnostic-data_troubleshooting-installations[Gathering bootstrap node diagnostic data] for information about troubleshooting issues related to the bootstrap process. +* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#gathering-bootstrap-diagnostic-data_troubleshooting-installations[Gathering bootstrap node diagnostic data] for information about troubleshooting issues related to the bootstrap process. * You can view details about the running instances that are created by using the link:https://console.aws.amazon.com/ec2[AWS EC2 console]. @@ -185,7 +185,7 @@ include::modules/installation-operators-config.adoc[leveloffset=+1] include::modules/installation-registry-storage-config.adoc[leveloffset=+2] -You can configure registry storage for user-provisioned infrastructure in AWS to deploy {product-title} to hidden regions. See xref:../../registry/configuring_registry_storage/configuring-registry-storage-aws-user-infrastructure.adoc#configuring-registry-storage-aws-user-infrastructure[Configuring the registry for AWS user-provisioned infrastructure] for more information. +You can configure registry storage for user-provisioned infrastructure in AWS to deploy {product-title} to hidden regions. See xref:../../../registry/configuring_registry_storage/configuring-registry-storage-aws-user-infrastructure.adoc#configuring-registry-storage-aws-user-infrastructure[Configuring the registry for AWS user-provisioned infrastructure] for more information. include::modules/registry-configuring-storage-aws-user-infra.adoc[leveloffset=+3] @@ -202,14 +202,14 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service. [role="_additional-resources"] [id="installing-aws-user-infra-additional-resources"] @@ -220,7 +220,7 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [id="installing-aws-user-infra-next-steps"] == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validating an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/installing-restricted-networks-aws.adoc b/installing/installing_aws/upi/installing-restricted-networks-aws.adoc similarity index 66% rename from installing/installing_aws/installing-restricted-networks-aws.adoc rename to installing/installing_aws/upi/installing-restricted-networks-aws.adoc index 4903ec0e65..edaf54a0e8 100644 --- a/installing/installing_aws/installing-restricted-networks-aws.adoc +++ b/installing/installing_aws/upi/installing-restricted-networks-aws.adoc @@ -28,28 +28,28 @@ The steps for performing a user-provisioned infrastructure installation are prov == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installing-mirroring-installation-images[created a mirror registry on your mirror host] and obtained the `imageContentSources` data for your version of {product-title}. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installing-mirroring-installation-images[created a mirror registry on your mirror host] and obtained the `imageContentSources` data for your version of {product-title}. + [IMPORTANT] ==== Because the installation media is on the mirror host, you can use that computer to complete all installation steps. ==== -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. +* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. + [IMPORTANT] ==== If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. ==== -* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or Unix)] in the AWS documentation. -* If you use a firewall and plan to use the Telemetry service, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. +* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. +* If you use a firewall and plan to use the Telemetry service, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. + [NOTE] ==== Be sure to also review this site list if you are configuring a proxy. ==== -* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[manually create and maintain long-term credentials]. +* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[manually create and maintain long-term credentials]. include::modules/installation-about-restricted-network.adoc[leveloffset=+1] @@ -69,7 +69,7 @@ include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-aws-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-aws-arm-tested-machine-types.adoc[leveloffset=+2] @@ -103,7 +103,7 @@ include::modules/installation-user-infra-generate-k8s-manifest-ignition.adoc[lev [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-aws-installer-provisioned[Manually creating long-term credentials] +* xref:../../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-aws-installer-provisioned[Manually creating long-term credentials] include::modules/installation-extracting-infraid.adoc[leveloffset=+1] @@ -135,7 +135,7 @@ include::modules/installation-cloudformation-bootstrap.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* See xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installation-aws-user-infra-rhcos-ami_installing-aws-user-infra[{op-system} AMIs for the AWS infrastructure] for details about the {op-system-first} AMIs for the AWS zones. +* See xref:../../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installation-aws-user-infra-rhcos-ami_installing-aws-user-infra[{op-system} AMIs for the AWS infrastructure] for details about the {op-system-first} AMIs for the AWS zones. include::modules/installation-creating-aws-control-plane.adoc[leveloffset=+1] @@ -157,9 +157,9 @@ include::modules/installation-aws-user-infra-bootstrap.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/troubleshooting/troubleshooting-installations.adoc#monitoring-installation-progress_troubleshooting-installations[Monitoring installation progress] for details about monitoring the installation, bootstrap, and control plane logs as an {product-title} installation progresses. +* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#monitoring-installation-progress_troubleshooting-installations[Monitoring installation progress] for details about monitoring the installation, bootstrap, and control plane logs as an {product-title} installation progresses. -* See xref:../../support/troubleshooting/troubleshooting-installations.adoc#gathering-bootstrap-diagnostic-data_troubleshooting-installations[Gathering bootstrap node diagnostic data] for information about troubleshooting issues related to the bootstrap process. +* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#gathering-bootstrap-diagnostic-data_troubleshooting-installations[Gathering bootstrap node diagnostic data] for information about troubleshooting issues related to the bootstrap process. //You can install the CLI on the mirror host. @@ -188,14 +188,14 @@ include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service [role="_additional-resources"] [id="installing-restricted-networks-aws-additional-resources"] @@ -206,11 +206,11 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [id="installing-restricted-networks-aws-next-steps"] == Next steps -* xref:../../installing/validating-an-installation.adoc#validating-an-installation[Validate an installation]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-must-gather-disconnected[Configure image streams] for the Cluster Samples Operator and the `must-gather` tool. -* Learn how to xref:../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[use Operator Lifecycle Manager (OLM) on restricted networks]. -* If the mirror registry that you used to install your cluster has a trusted CA, add it to the cluster by xref:../../openshift_images/image-configuration.adoc#images-configuration-cas_image-configuration[configuring additional trust stores]. -* If necessary, you can xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. -* If necessary, see xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#insights-operator-register-disconnected-cluster_opting-out-remote-health-reporting[Registering your disconnected cluster] -* If necessary, you can xref:../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. +* xref:../../../installing/validating-an-installation.adoc#validating-an-installation[Validate an installation]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#post-install-must-gather-disconnected[Configure image streams] for the Cluster Samples Operator and the `must-gather` tool. +* Learn how to xref:../../../operators/admin/olm-restricted-networks.adoc#olm-restricted-networks[use Operator Lifecycle Manager (OLM) on restricted networks]. +* If the mirror registry that you used to install your cluster has a trusted CA, add it to the cluster by xref:../../../openshift_images/image-configuration.adoc#images-configuration-cas_image-configuration[configuring additional trust stores]. +* If necessary, you can xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +* If necessary, see xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#insights-operator-register-disconnected-cluster_opting-out-remote-health-reporting[Registering your disconnected cluster] +* If necessary, you can xref:../../../post_installation_configuration/cluster-tasks.adoc#manually-removing-cloud-creds_post-install-cluster-tasks[remove cloud provider credentials]. diff --git a/installing/installing_aws/upi/modules b/installing/installing_aws/upi/modules new file mode 120000 index 0000000000..5be29a99c1 --- /dev/null +++ b/installing/installing_aws/upi/modules @@ -0,0 +1 @@ +../../../modules \ No newline at end of file diff --git a/installing/installing_aws/upi/snippets b/installing/installing_aws/upi/snippets new file mode 120000 index 0000000000..2490678d80 --- /dev/null +++ b/installing/installing_aws/upi/snippets @@ -0,0 +1 @@ +../../../snippets \ No newline at end of file diff --git a/installing/installing_sno/install-sno-installing-sno.adoc b/installing/installing_sno/install-sno-installing-sno.adoc index d23c3fed16..241ec93b4d 100644 --- a/installing/installing_sno/install-sno-installing-sno.adoc +++ b/installing/installing_sno/install-sno-installing-sno.adoc @@ -103,7 +103,7 @@ include::modules/installation-aws_con_installing-sno-on-aws.adoc[leveloffset=+2] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations] include::modules/install-sno-installing-sno-on-azure.adoc[leveloffset=+2] diff --git a/installing/installing_vsphere/ipi/images b/installing/installing_vsphere/ipi/images index 4399cbb3c0..4dd3347de1 120000 --- a/installing/installing_vsphere/ipi/images +++ b/installing/installing_vsphere/ipi/images @@ -1 +1 @@ -../../../images/ \ No newline at end of file +../../../images \ No newline at end of file diff --git a/machine_management/user_infra/adding-aws-compute-user-infra.adoc b/machine_management/user_infra/adding-aws-compute-user-infra.adoc index 6e564efc19..da6c1e6a79 100644 --- a/machine_management/user_infra/adding-aws-compute-user-infra.adoc +++ b/machine_management/user_infra/adding-aws-compute-user-infra.adoc @@ -11,8 +11,8 @@ You can add more compute machines to your {product-title} cluster on Amazon Web [id="prerequisites_adding-aws-compute-user-infra"] == Prerequisites -* You installed your cluster on AWS by using the provided xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS CloudFormation templates]. -* You have the JSON file and CloudFormation template that you used to create the compute machines during cluster installation. If you do not have these files, you must recreate them by following the instructions in the xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[installation procedure]. +* You installed your cluster on AWS by using the provided xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS CloudFormation templates]. +* You have the JSON file and CloudFormation template that you used to create the compute machines during cluster installation. If you do not have these files, you must recreate them by following the instructions in the xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[installation procedure]. include::modules/machine-adding-aws-compute-cloudformation.adoc[leveloffset=+1] diff --git a/modules/aws-zones-prerequisites.adoc b/modules/aws-zones-prerequisites.adoc deleted file mode 100644 index b14324b3ab..0000000000 --- a/modules/aws-zones-prerequisites.adoc +++ /dev/null @@ -1,88 +0,0 @@ -// Module included in the following assemblies: -// -// * installing/installing-aws-localzone.adoc (Installing a cluster on AWS with worker nodes on AWS Local Zones) -// * installing/installing-aws-wavelength-zone.adoc (Installing a cluster on AWS with worker nodes on AWS Wavelength Zones) - -ifeval::["{context}" == "installing-aws-localzone"] -:local-zone: -endif::[] -ifeval::["{context}" == "installing-aws-wavelength-zone"] -:wavelength-zone: -endif::[] - -:_mod-docs-content-type: CONCEPT -[id="aws-zones-prerequisites_{context}"] -= Infrastructure prerequisites - -* You reviewed details about xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You are familiar with xref:../../installing/installing-preparing.adoc#installing-preparing[Selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster. -+ -[WARNING] -==== -If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. -==== -* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster must access. -ifdef::local-zone[] -* You noted the region and supported link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/locations[AWS Local Zones locations] to create the network resources in. -* You read the link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/features/[AWS Local Zones features] in the AWS documentation. -* You added permissions for creating network resources that support AWS Local Zones to the Identity and Access Management (IAM) user or role. The following example enables a zone group that can provide a user or role access for creating network network resources that support AWS {zone-type}. -+ -.Example of an additional IAM policy with the `ec2:ModifyAvailabilityZoneGroup` permission attached to an IAM user or role. -+ -[source,yaml] ----- -{ - "Version": "2012-10-17", - "Statement": [ - { - "Action": [ - "ec2:ModifyAvailabilityZoneGroup" - ], - "Effect": "Allow", - "Resource": "*" - } - ] -} ----- -endif::local-zone[] -ifdef::wavelength-zone[] -* You noted the region and supported link:https://aws.amazon.com/wavelength/locations[AWS Wavelength Zone locations] to create the network resources in. -* You read link:https://aws.amazon.com/about-aws/global-infrastructure/localzones/features/[AWS Wavelength features] in the AWS documentation. -* You read the link:https://docs.aws.amazon.com/wavelength/latest/developerguide/wavelength-quotas.html[Quotas and considerations for Wavelength Zones] in the AWS documentation. -* You added permissions for creating network resources that support AWS Wavelength Zones to the Identity and Access Management (IAM) user or role. For example: -+ -.Example of an additional IAM policy that attached `ec2:ModifyAvailabilityZoneGroup`, `ec2:CreateCarrierGateway`, and `ec2:DeleteCarrierGateway` permissions to a user or role -+ -[source,yaml] ----- -{ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "ec2:DeleteCarrierGateway", - "ec2:CreateCarrierGateway" - ], - "Resource": "*" - }, - { - "Action": [ - "ec2:ModifyAvailabilityZoneGroup" - ], - "Effect": "Allow", - "Resource": "*" - } - ] -} ----- -endif::wavelength-zone[] - -ifeval::["{context}" == "installing-aws-localzone"] -:!local-zone: -endif::[] -ifeval::["{context}" == "installing-aws-wavelength-zone"] -:!wavelength-zone: -endif::[] diff --git a/modules/installation-aws-arm-tested-machine-types.adoc b/modules/installation-aws-arm-tested-machine-types.adoc index 31e27b899e..947b1805da 100644 --- a/modules/installation-aws-arm-tested-machine-types.adoc +++ b/modules/installation-aws-arm-tested-machine-types.adoc @@ -16,10 +16,10 @@ The following Amazon Web Services (AWS) 64-bit ARM instance types have been test [NOTE] ==== -Use the machine types included in the following charts for your AWS ARM instances. If you use an instance type that is not listed in the chart, ensure that the instance size you use matches the minimum resource requirements that are listed in "Minimum resource requirements for cluster installation". +Use the machine types included in the following charts for your AWS ARM instances. If you use an instance type that is not listed in the chart, ensure that the instance size you use matches the minimum resource requirements that are listed in "Minimum resource requirements for cluster installation". ==== -.Machine types based on 64-bit ARM architecture +.Machine types based on 64-bit ARM architecture [%collapsible] ==== include::https://raw.githubusercontent.com/openshift/installer/master/docs/user/aws/tested_instance_types_aarch64.md[] diff --git a/networking/aws_load_balancer_operator/installing-albo-sts-cluster.adoc b/networking/aws_load_balancer_operator/installing-albo-sts-cluster.adoc index af170af03a..b9dd6d3721 100644 --- a/networking/aws_load_balancer_operator/installing-albo-sts-cluster.adoc +++ b/networking/aws_load_balancer_operator/installing-albo-sts-cluster.adoc @@ -17,7 +17,7 @@ An additional AWS Identity and Access Management (IAM) role is required to succe You can create the IAM role by using the following options: -* Using xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object. +* Using xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object. * Using the AWS CLI and predefined AWS manifests. Use the AWS CLI if your environment does not support the `ccoctl` command. @@ -34,7 +34,7 @@ The `CredentialsRequest` object for the AWS Load Balancer Controller must be set You can create the IAM role by using the following options: -* Using xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object. +* Using xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object. * Using the AWS CLI and predefined AWS manifests. Use the AWS CLI if your environment does not support the `ccoctl` command. @@ -44,4 +44,4 @@ include::modules/using-aws-cli-create-iam-role-alb-controller.adoc[leveloffset=+ [role="_additional-resources"] == Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] diff --git a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc b/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc index fb9a2bc906..83485b3f95 100644 --- a/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc +++ b/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc @@ -35,7 +35,7 @@ include::modules/nw-aws-nlb-existing-cluster.adoc[leveloffset=+2] [IMPORTANT] ==== -Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installation-initializing_installing-aws-network-customizations[Creating the installation configuration file] procedure. +Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installation-initializing_installing-aws-network-customizations[Creating the installation configuration file] procedure. ==== include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+2] @@ -44,6 +44,6 @@ include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+2] [id="additional-resources_configuring-ingress-cluster-traffic-aws"] == Additional resources -* xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]. +* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]. * For more information on support for NLBs, see link:https://kubernetes.io/docs/concepts/services-networking/service/#aws-nlb-support[Network Load Balancer support on AWS]. * For more information on proxy protocol support for CLBs, see link:https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html[Configure proxy protocol support for your Classic Load Balancer] diff --git a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc index 81b031a8c6..9e2d6a640d 100644 --- a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc +++ b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc @@ -16,5 +16,5 @@ include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] * xref:../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads] * xref:../../windows_containers/enabling-windows-container-workloads.adoc#enabling-windows-container-workloads[Enabling Windows container workloads] -* xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations] +* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations] * xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations] diff --git a/nodes/pods/nodes-pods-secrets-store.adoc b/nodes/pods/nodes-pods-secrets-store.adoc index 4ea523aad1..63e1c3a1d3 100644 --- a/nodes/pods/nodes-pods-secrets-store.adoc +++ b/nodes/pods/nodes-pods-secrets-store.adoc @@ -41,7 +41,7 @@ include::modules/secrets-store-aws.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] // --- START OF CONTEXT CHANGE --- // Setting a unique context for including the secrets-store-aws.adoc module a second time in this assembly @@ -58,7 +58,7 @@ include::modules/secrets-store-aws.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] // Mounting secrets from Azure Key Vault include::modules/secrets-store-azure.adoc[leveloffset=+2] diff --git a/observability/distr_tracing/distr_tracing_jaeger/distr-tracing-jaeger-installing.adoc b/observability/distr_tracing/distr_tracing_jaeger/distr-tracing-jaeger-installing.adoc index 439c80a0cf..0620a8d4af 100644 --- a/observability/distr_tracing/distr_tracing_jaeger/distr-tracing-jaeger-installing.adoc +++ b/observability/distr_tracing/distr_tracing_jaeger/distr-tracing-jaeger-installing.adoc @@ -26,7 +26,7 @@ Before you can install {DTProductName}, review the installation activities, and * Install {product-title} {product-version}. ** xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Install {product-title} {product-version} on AWS] -** xref:../../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on user-provisioned AWS] +** xref:../../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on user-provisioned AWS] ** xref:../../../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[Install {product-title} {product-version} on bare metal] ** xref:../../../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[Install {product-title} {product-version} on vSphere] * Install the version of the `oc` CLI tool that matches your {product-title} version and add it to your path. diff --git a/post_installation_configuration/aws-compute-edge-zone-tasks.adoc b/post_installation_configuration/aws-compute-edge-zone-tasks.adoc index 6328f33605..c7df4b1c4b 100644 --- a/post_installation_configuration/aws-compute-edge-zone-tasks.adoc +++ b/post_installation_configuration/aws-compute-edge-zone-tasks.adoc @@ -62,8 +62,8 @@ include::modules/machineset-creating.adoc[leveloffset=+3] [role="_additional-resources"] .Additional resources -* xref:../installing/installing_aws/installing-aws-localzone.adoc#installing-aws-localzone[Installing a cluster on AWS with compute nodes on AWS Local Zones] -* xref:../installing/installing_aws/installing-aws-wavelength-zone.adoc#installing-aws-wavelength-zone[Installing a cluster on AWS with compute nodes on AWS Wavelength Zones] +* xref:../installing/installing_aws/ipi/installing-aws-localzone.adoc#installing-aws-localzone[Installing a cluster on AWS with compute nodes on AWS Local Zones] +* xref:../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installing-aws-wavelength-zone[Installing a cluster on AWS with compute nodes on AWS Wavelength Zones] // Creating user workloads in AWS Local Zones or Wavelength Zones include::modules/installation-extend-edge-nodes-aws-local-zones.adoc[leveloffset=+1] @@ -71,8 +71,8 @@ include::modules/installation-extend-edge-nodes-aws-local-zones.adoc[leveloffset [role="_additional-resources"] .Additional resources -* xref:../installing/installing_aws/installing-aws-localzone.adoc#installing-aws-localzone[Installing a cluster on AWS with compute nodes on AWS Local Zones] -* xref:../installing/installing_aws/installing-aws-wavelength-zone.adoc#installing-aws-wavelength-zone[Installing a cluster on AWS with compute nodes on AWS Wavelength Zones] +* xref:../installing/installing_aws/ipi/installing-aws-localzone.adoc#installing-aws-localzone[Installing a cluster on AWS with compute nodes on AWS Local Zones] +* xref:../installing/installing_aws/ipi/installing-aws-wavelength-zone.adoc#installing-aws-wavelength-zone[Installing a cluster on AWS with compute nodes on AWS Wavelength Zones] * xref:../nodes/scheduling/nodes-scheduler-taints-tolerations.adoc#nodes-scheduler-taints-tolerations-about_nodes-scheduler-taints-tolerations[Understanding taints and tolerations] [id="next-steps_aws-zone-tasks"] diff --git a/post_installation_configuration/cluster-tasks.adoc b/post_installation_configuration/cluster-tasks.adoc index 55c9d03c3f..670fcb7cc5 100644 --- a/post_installation_configuration/cluster-tasks.adoc +++ b/post_installation_configuration/cluster-tasks.adoc @@ -156,7 +156,7 @@ xref:../networking/dns-operator.adoc#dns-operator[view the DNS Operator status]. |`network.config.openshift.io` |`cluster` |You cannot modify your cluster networking after installation. To customize your network, follow the process to -xref:../installing/installing_aws/installing-aws-network-customizations.adoc#installing-aws-network-customizations[customize networking during installation]. +xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[customize networking during installation]. |=== diff --git a/post_installation_configuration/configuring-aws-outposts.adoc b/post_installation_configuration/configuring-aws-outposts.adoc index ebf2d916df..37b16898cd 100644 --- a/post_installation_configuration/configuring-aws-outposts.adoc +++ b/post_installation_configuration/configuring-aws-outposts.adoc @@ -7,7 +7,7 @@ include::_attributes/common-attributes.adoc[] toc::[] -After xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[installing a cluster on Amazon Web Services (AWS) into an existing Amazon Virtual Private Cloud (VPC)], you can create a compute machine set that deploys compute machines in AWS Outposts. +After xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[installing a cluster on Amazon Web Services (AWS) into an existing Amazon Virtual Private Cloud (VPC)], you can create a compute machine set that deploys compute machines in AWS Outposts. AWS Outposts is an AWS edge compute service that enables using many features of a cloud-based AWS deployment with the reduced latency of an on-premise environment. For more information, see the link:https://docs.aws.amazon.com/outposts/[AWS Outposts documentation]. @@ -84,4 +84,4 @@ include::modules/nw-aws-load-balancer-with-outposts.adoc[leveloffset=+2] [role="_additional-resources"] [id="additional-resources_configuring-aws-outposts"] == Additional resources -* xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[Installing a cluster on AWS into an existing VPC] \ No newline at end of file +* xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[Installing a cluster on AWS into an existing VPC] \ No newline at end of file diff --git a/post_installation_configuration/configuring-multi-arch-compute-machines/creating-multi-arch-compute-nodes-aws.adoc b/post_installation_configuration/configuring-multi-arch-compute-machines/creating-multi-arch-compute-nodes-aws.adoc index e3b522ad08..dbe3241ebd 100644 --- a/post_installation_configuration/configuring-multi-arch-compute-machines/creating-multi-arch-compute-nodes-aws.adoc +++ b/post_installation_configuration/configuring-multi-arch-compute-machines/creating-multi-arch-compute-nodes-aws.adoc @@ -6,7 +6,7 @@ include::_attributes/common-attributes.adoc[] toc::[] -To create an AWS cluster with multi-architecture compute machines, you must first create a single-architecture AWS installer-provisioned cluster with the multi-architecture installer binary. For more information on AWS installations, refer to xref:../../installing/installing_aws/installing-aws-customizations.adoc[Installing a cluster on AWS with customizations]. You can then add a ARM64 compute machine set to your AWS cluster. +To create an AWS cluster with multi-architecture compute machines, you must first create a single-architecture AWS installer-provisioned cluster with the multi-architecture installer binary. For more information on AWS installations, refer to xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with customizations]. You can then add a ARM64 compute machine set to your AWS cluster. include::modules/multi-architecture-verifying-cluster-compatibility.adoc[leveloffset=+1] @@ -14,5 +14,5 @@ include::modules/multi-architecture-modify-machine-set-aws.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installation-aws-arm-tested-machine-types_installing-aws-customizations[Tested instance types for AWS 64-bit ARM] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installation-aws-arm-tested-machine-types_installing-aws-customizations[Tested instance types for AWS 64-bit ARM] diff --git a/scalability_and_performance/optimization/optimizing-networking.adoc b/scalability_and_performance/optimization/optimizing-networking.adoc index f00fa40d1b..3960ff78a1 100644 --- a/scalability_and_performance/optimization/optimizing-networking.adoc +++ b/scalability_and_performance/optimization/optimizing-networking.adoc @@ -35,7 +35,7 @@ include::modules/ipsec-impact-networking.adoc[leveloffset=+1] [id="optimizing-networking-additional-resources"] == Additional resources -* xref:../../installing/installing_aws/installing-aws-network-customizations.adoc#modifying-nwoperator-config-startup_installing-aws-network-customizations[Modifying advanced network configuration parameters] +* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#modifying-nwoperator-config-startup_installing-aws-network-customizations[Specifying advanced network configuration] * xref:../../networking/cluster-network-operator.adoc#nw-operator-configuration-parameters-for-ovn-sdn_cluster-network-operator[Configuration parameters for the OVN-Kubernetes network plugin] * xref:../../networking/cluster-network-operator.adoc#nw-operator-configuration-parameters-for-openshift-sdn_cluster-network-operator[Configuration parameters for the OpenShift SDN network plugin] * xref:../../scalability_and_performance/scaling-worker-latency-profiles.adoc#scaling-worker-latency-profiles[Improving cluster stability in high latency environments using worker latency profiles] diff --git a/security/cert_manager_operator/cert-manager-authenticate.adoc b/security/cert_manager_operator/cert-manager-authenticate.adoc index d5708095ed..9849b14d71 100644 --- a/security/cert_manager_operator/cert-manager-authenticate.adoc +++ b/security/cert_manager_operator/cert-manager-authenticate.adoc @@ -18,7 +18,7 @@ include::modules/cert-manager-configure-cloud-credentials-aws-sts.adoc[leveloffs [id="additional-resources_cert-manager-authenticate-gcp"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] // on GCP include::modules/cert-manager-configure-cloud-credentials-gcp-non-sts.adoc[leveloffset=+1] diff --git a/security/container_security/security-hardening.adoc b/security/container_security/security-hardening.adoc index 9057afcaad..8195ea2fd1 100644 --- a/security/container_security/security-hardening.adoc +++ b/security/container_security/security-hardening.adoc @@ -43,7 +43,7 @@ include::modules/security-hardening-how.adoc[leveloffset=+1] * xref:../../installing/install_config/installing-customizing.adoc#installing-customizing[Customizing nodes] * xref:../../nodes/nodes/nodes-nodes-managing.adoc#nodes-nodes-kernel-arguments_nodes-nodes-managing[Adding kernel arguments to nodes] ifndef::openshift-origin[] -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#installation-configuration-parameters_installing-aws-customizations[Installation configuration parameters] - see `fips` +* xref:../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-configuration-parameters-optional_installation-config-parameters-aws[Optional configuration parameters] * xref:../../installing/installing-fips.adoc#installing-fips[Support for FIPS cryptography] * link:https://access.redhat.com/articles/3359851[{op-system-base} core crypto components] endif::[] diff --git a/service_mesh/v1x/preparing-ossm-installation.adoc b/service_mesh/v1x/preparing-ossm-installation.adoc index 37fdfea1ee..bfa6c559b1 100644 --- a/service_mesh/v1x/preparing-ossm-installation.adoc +++ b/service_mesh/v1x/preparing-ossm-installation.adoc @@ -17,8 +17,8 @@ Before you can install {SMProductName}, review the installation activities, ensu ifdef::openshift-enterprise[] * Review the xref:../../architecture/architecture-installation.adoc#installation-overview_architecture-installation[{product-title} {product-version} overview]. * Install {product-title} {product-version}. -** xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Install {product-title} {product-version} on AWS] -** xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on user-provisioned AWS] +** xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Install {product-title} {product-version} on AWS] +** xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on AWS with user-provisioned infrastructure] ** xref:../../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[Install {product-title} {product-version} on bare metal] ** xref:../../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[Install {product-title} {product-version} on vSphere] + diff --git a/service_mesh/v2x/preparing-ossm-installation.adoc b/service_mesh/v2x/preparing-ossm-installation.adoc index 797b0ca277..f87fd58f3e 100644 --- a/service_mesh/v2x/preparing-ossm-installation.adoc +++ b/service_mesh/v2x/preparing-ossm-installation.adoc @@ -15,8 +15,8 @@ Before you can install {SMProductName}, you must subscribe to {product-title} an ifdef::openshift-enterprise[] * Review the xref:../../architecture/architecture-installation.adoc#installation-overview_architecture-installation[{product-title} {product-version} overview]. * Install {product-title} {product-version}. If you are installing {SMProductName} on a xref:../../installing/installing-preparing.adoc#supported-installation-methods-for-different-platforms[restricted network], follow the instructions for your chosen {product-title} infrastructure. -** xref:../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[Install {product-title} {product-version} on AWS] -** xref:../../installing/installing_aws/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on user-provisioned AWS] +** xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Install {product-title} {product-version} on AWS] +** xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Install {product-title} {product-version} on AWS with user-provisioned infrastructure] ** xref:../../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[Install {product-title} {product-version} on bare metal] ** xref:../../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[Install {product-title} {product-version} on vSphere] ** xref:../../installing/installing_ibm_z/installing-ibm-z.adoc#installing-ibm-z[Install {product-title} {product-version} on {ibm-z-name} and {ibm-linuxone-name}] diff --git a/storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc b/storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc index aeb48aa84b..2ef819e243 100644 --- a/storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc +++ b/storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc @@ -39,7 +39,7 @@ xref:../../storage/container_storage_interface/persistent-storage-csi-aws-efs.ad [role="_additional-resources"] .Additional resources * xref:../../storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc#persistent-storage-csi-olm-operator-install_persistent-storage-csi-aws-efs[Installing the AWS EFS CSI Driver Operator] -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility] * xref:../../storage/container_storage_interface/persistent-storage-csi-aws-efs.adoc#persistent-storage-csi-efs-driver-install_persistent-storage-csi-aws-efs[Installing the {FeatureName} CSI Driver] endif::[] diff --git a/storage/container_storage_interface/persistent-storage-csi-ebs.adoc b/storage/container_storage_interface/persistent-storage-csi-ebs.adoc index 43323d0ce8..5540be3e46 100644 --- a/storage/container_storage_interface/persistent-storage-csi-ebs.adoc +++ b/storage/container_storage_interface/persistent-storage-csi-ebs.adoc @@ -42,7 +42,7 @@ include::modules/persistent-storage-byok.adoc[leveloffset=+1] If there is no encrypted key defined in the storage class, only set `encrypted: "true"` in the storage class. The AWS EBS CSI driver uses the AWS managed alias/aws/ebs, which is created by Amazon EBS automatically in each region by default to encrypt provisioned storage volumes. In addition, the managed storage classes all have the `encrypted: "true"` setting. ==== -For information about installing with user-managed encryption for Amazon EBS, see xref:../../installing/installing_aws/installing-aws-customizations.adoc#installation-configuration-parameters_installing-aws-customizations[Installation configuration parameters]. +For information about installing with user-managed encryption for Amazon EBS, see xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installation-configuration-parameters_installing-aws-customizations[Installation configuration parameters]. endif::openshift-rosa,openshift-dedicated[] [role="_additional-resources"] diff --git a/updating/preparing_for_updates/preparing-manual-creds-update.adoc b/updating/preparing_for_updates/preparing-manual-creds-update.adoc index 2c19bb699e..6fa031d9bd 100644 --- a/updating/preparing_for_updates/preparing-manual-creds-update.adoc +++ b/updating/preparing_for_updates/preparing-manual-creds-update.adoc @@ -61,7 +61,7 @@ include::modules/cco-ccoctl-upgrading.adoc[leveloffset=+1] include::modules/manually-maintained-credentials-upgrade.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_aws/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] * xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#manually-create-iam_installing-azure-stack-hub-default[Manually creating long-term credentials for Azure Stack Hub] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] diff --git a/welcome/index.adoc b/welcome/index.adoc index a3b8696bab..2ea02bccce 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -117,7 +117,7 @@ xref:../installing/installing_openstack/installing-openstack-troubleshooting.ado ifndef::openshift-origin[] - **Install a cluster in a restricted network**: If your cluster uses user-provisioned infrastructure on -xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], +xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[{gcp-short}], xref:../installing/installing_vsphere/upi/installing-restricted-networks-vsphere.adoc#installing-restricted-networks-vsphere[{vmw-short}], xref:../installing/installing_ibm_cloud_public/installing-ibm-cloud-restricted.adoc#installing-ibm-cloud-restricted[{ibm-cloud-name}], xref:../installing/installing_ibm_z/preparing-to-install-on-ibm-z.adoc#preparing-to-install-on-ibm-z[{ibm-z-name} and {ibm-linuxone-name}], xref:../installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc#installing-restricted-networks-ibm-power[{ibm-power-name}], or @@ -131,7 +131,7 @@ endif::openshift-origin[] ifdef::openshift-origin[] - **Install a cluster in a restricted network**: If your cluster that uses user-provisioned infrastructure on -xref:../installing/installing_aws/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], +xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[{gcp-short}], or xref:../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal] @@ -141,14 +141,14 @@ xref:../installing/disconnected_install/installing-mirroring-installation-images endif::openshift-origin[] - **Install a cluster in an existing network**: If you use an existing Virtual Private Cloud (VPC) in -xref:../installing/installing_aws/installing-aws-vpc.adoc#installing-aws-vpc[AWS] or +xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[AWS] or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[{gcp-short}] or an existing xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[VNet] on Microsoft Azure, you can install a cluster. Also consider xref:../installing/installing_gcp/installing-gcp-shared-vpc.adoc#installation-gcp-shared-vpc-prerequisites_installing-gcp-shared-vpc[Installing a cluster on {gcp-short} into a shared VPC] - **Install a private cluster**: If your cluster does not require external internet access, you can install a private cluster on -xref:../installing/installing_aws/installing-aws-private.adoc#installing-aws-private[AWS], +xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[AWS], xref:../installing/installing_azure/installing-azure-private.adoc#installing-aws-private[Azure], xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[{gcp-short}], or xref:../installing/installing_ibm_cloud_public/preparing-to-install-on-ibm-cloud.adoc#preparing-to-install-on-ibm-cloud[{ibm-cloud-name}]. Internet access is still required to access the cloud APIs and installation media.