diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index cb80606c5b..b97bbdb4b3 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -200,33 +200,41 @@ Topics: Dir: installing_azure Distros: openshift-origin,openshift-enterprise Topics: - - Name: Preparing to install on Azure + - Name: Preparing to install File: preparing-to-install-on-azure - Name: Configuring an Azure account File: installing-azure-account - - Name: Enabling user-managed encryption on Azure + - Name: Enabling user-managed encryption File: enabling-user-managed-encryption-azure - - Name: Installing a cluster quickly on Azure - File: installing-azure-default - - Name: Installing a cluster on Azure with customizations - File: installing-azure-customizations - - Name: Installing a cluster on Azure with network customizations - File: installing-azure-network-customizations - - Name: Installing a cluster on Azure into an existing VNet - File: installing-azure-vnet - - Name: Installing a private cluster on Azure - File: installing-azure-private - - Name: Installing a cluster on Azure into a government region - File: installing-azure-government-region - - Name: Installing a cluster on Azure in a restricted network with user-provisioned infrastructure - File: installing-restricted-networks-azure-user-provisioned - - Name: Installing a cluster on Azure using ARM templates - File: installing-azure-user-infra - - Name: Installing a cluster on Azure in a restricted network - File: installing-restricted-networks-azure-installer-provisioned - - Name: Installing a three-node cluster on Azure + - Name: Installer-provisioned infrastructure + Dir: ipi + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Installing a cluster + File: installing-azure-default + - Name: Installing a cluster with customizations + File: installing-azure-customizations + - Name: Installing a cluster with network customizations + File: installing-azure-network-customizations + - Name: Installing a cluster in a restricted network + File: installing-restricted-networks-azure-installer-provisioned + - Name: Installing a cluster into an existing VNet + File: installing-azure-vnet + - Name: Installing a private cluster + File: installing-azure-private + - Name: Installing a cluster into a government region + File: installing-azure-government-region + - Name: User-provisioned infrastructure + Dir: upi + Distros: openshift-origin,openshift-enterprise + Topics: + - Name: Installing a cluster in a restricted network with user-provisioned infrastructure + File: installing-restricted-networks-azure-user-provisioned + - Name: Installing a cluster using ARM templates + File: installing-azure-user-infra + - Name: Installing a three-node cluster File: installing-azure-three-node - - Name: Uninstalling a cluster on Azure + - Name: Uninstalling a cluster File: uninstalling-cluster-azure - Name: Installation configuration parameters for Azure File: installation-config-parameters-azure diff --git a/_unused_topics/manually-creating-iam-azure.adoc b/_unused_topics/manually-creating-iam-azure.adoc index fe736063c6..a38460ef69 100644 --- a/_unused_topics/manually-creating-iam-azure.adoc +++ b/_unused_topics/manually-creating-iam-azure.adoc @@ -24,6 +24,6 @@ include::modules/manually-create-identity-access-management.adoc[leveloffset=+1] == Next steps * Install an {product-title} cluster: -** xref:../../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[Installing a cluster quickly on Azure] with default options on installer-provisioned infrastructure -** xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[Installing a cluster quickly on Azure] with default options on installer-provisioned infrastructure +** xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] diff --git a/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc b/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc index a9f8965c9c..dca317d61b 100644 --- a/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-mode-manual.adoc @@ -27,7 +27,7 @@ An AWS, global Azure, or GCP cluster that uses manual mode might be configured t == Additional resources * xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] * xref:../../installing/installing_ibm_cloud_public/configuring-iam-ibm-cloud.adoc#configuring-iam-ibm-cloud[Configuring IAM for {ibm-cloud-name}] * xref:../../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#manually-create-iam-nutanix_installing-nutanix-installer-provisioned[Configuring IAM for Nutanix] diff --git a/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc b/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc index c952edc92b..3598fdcce7 100644 --- a/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-mode-passthrough.adoc @@ -29,7 +29,7 @@ To locate the `CredentialsRequest` CRs that are required, see xref:../../install === Microsoft Azure permissions The credential you provide for passthrough mode in Azure must have all the requested permissions for all `CredentialsRequest` CRs that are required by the version of {product-title} you are running or installing. -To locate the `CredentialsRequest` CRs that are required, see xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure]. +To locate the `CredentialsRequest` CRs that are required, see xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure]. [id="passthrough-mode-permissions-gcp"] === Google Cloud Platform (GCP) permissions @@ -81,7 +81,7 @@ include::modules/admin-credentials-root-secret-formats.adoc[leveloffset=+1] [id="passthrough-mode-maintenance"] == Passthrough mode credential maintenance -If `CredentialsRequest` CRs change over time as the cluster is upgraded, you must manually update the passthrough mode credential to meet the requirements. To avoid credentials issues during an upgrade, check the `CredentialsRequest` CRs in the release image for the new version of {product-title} before upgrading. To locate the `CredentialsRequest` CRs that are required for your cloud provider, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. +If `CredentialsRequest` CRs change over time as the cluster is upgraded, you must manually update the passthrough mode credential to meet the requirements. To avoid credentials issues during an upgrade, check the `CredentialsRequest` CRs in the release image for the new version of {product-title} before upgrading. To locate the `CredentialsRequest` CRs that are required for your cloud provider, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. //Rotating cloud provider credentials manually include::modules/manually-rotating-cloud-creds.adoc[leveloffset=+2] @@ -96,11 +96,11 @@ When using passthrough mode, each component has the same permissions used by all After installation, you can reduce the permissions on your credential to only those that are required to run the cluster, as defined by the `CredentialsRequest` CRs in the release image for the version of {product-title} that you are using. -To locate the `CredentialsRequest` CRs that are required for AWS, Azure, or GCP and learn how to change the permissions the CCO uses, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. +To locate the `CredentialsRequest` CRs that are required for AWS, Azure, or GCP and learn how to change the permissions the CCO uses, see _Manually creating long-term credentials_ for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[AWS], xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Azure], or xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[GCP]. [role="_additional-resources"] == Additional resources * xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] diff --git a/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc b/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc index 9ccd0f7e51..c4d38e3326 100644 --- a/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc +++ b/authentication/managing_cloud_provider_credentials/cco-short-term-creds.adoc @@ -82,7 +82,7 @@ In manual mode with {entra-first}, the individual {product-title} cluster compon [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring a global Microsoft Azure cluster to use short-term credentials] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring a global Microsoft Azure cluster to use short-term credentials] //Microsoft Entra Workload ID authentication process include::modules/cco-short-term-creds-auth-flow-azure.adoc[leveloffset=+2] @@ -106,5 +106,5 @@ include::modules/cco-short-term-creds-azure-olm.adoc[leveloffset=+2] * xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-with-short-term-creds_installing-gcp-customizations[Configuring a GCP cluster to use short-term credentials] -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring a global Microsoft Azure cluster to use short-term credentials] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring a global Microsoft Azure cluster to use short-term credentials] * xref:../../updating/preparing_for_updates/preparing-manual-creds-update.adoc#preparing-manual-creds-update[Preparing to update a cluster with manually maintained credentials] \ No newline at end of file diff --git a/installing/installing-preparing.adoc b/installing/installing-preparing.adoc index 43b80aca9d..76872d7b7c 100644 --- a/installing/installing-preparing.adoc +++ b/installing/installing-preparing.adoc @@ -57,13 +57,13 @@ You can deploy an installer-provisioned infrastructure cluster without specifyin If you need to perform basic configuration for your installer-provisioned infrastructure cluster, such as the instance type for the cluster machines, you can customize an installation for xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[AWS], xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[GCP], xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. -For installer-provisioned infrastructure installations, you can use an existing xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[AWS], xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. +For installer-provisioned infrastructure installations, you can use an existing xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[AWS], xref:../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. You can use the installer-provisioned infrastructure method to create appropriate machine instances on your hardware for xref:../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned.adoc#installing-vsphere-installer-provisioned[vSphere], and xref:../installing/installing_bare_metal_ipi/ipi-install-overview#ipi-install-overview[bare metal]. Additionally, for xref:../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned-network-customizations.adoc#installing-vsphere-installer-provisioned-network-customizations[vSphere], you can also customize additional network parameters during installation. -If you want to reuse extensive cloud infrastructure, you can complete a _user-provisioned infrastructure_ installation. With these installations, you manually deploy the machines that your cluster requires during the installation process. If you perform a user-provisioned infrastructure installation on xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS], xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[Azure Stack Hub], you can use the provided templates to help you stand up all of the required components. You can also reuse a shared xref:../installing/installing_gcp/installing-gcp-user-infra-vpc.adoc#installing-gcp-user-infra-vpc[VPC on GCP]. Otherwise, you can use the xref:../installing/installing_platform_agnostic/installing-platform-agnostic.adoc#installing-platform-agnostic[provider-agnostic] installation method to deploy a cluster into other clouds. +If you want to reuse extensive cloud infrastructure, you can complete a _user-provisioned infrastructure_ installation. With these installations, you manually deploy the machines that your cluster requires during the installation process. If you perform a user-provisioned infrastructure installation on xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[AWS], xref:../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[Azure], xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[Azure Stack Hub], you can use the provided templates to help you stand up all of the required components. You can also reuse a shared xref:../installing/installing_gcp/installing-gcp-user-infra-vpc.adoc#installing-gcp-user-infra-vpc[VPC on GCP]. Otherwise, you can use the xref:../installing/installing_platform_agnostic/installing-platform-agnostic.adoc#installing-platform-agnostic[provider-agnostic] installation method to deploy a cluster into other clouds. You can also complete a user-provisioned infrastructure installation on your existing hardware. If you use xref:../installing/installing_openstack/installing-openstack-user.adoc#installing-openstack-user[{rh-openstack}], xref:../installing/installing_ibm_z/installing-ibm-z.adoc#installing-ibm-z[{ibm-z-name} or {ibm-linuxone-name}], xref:../installing/installing_ibm_z/installing-ibm-z-kvm.adoc#installing-ibm-z-kvm[{ibm-z-name} and {ibm-linuxone-name} with {op-system-base} KVM], xref:../installing/installing_ibm_power/installing-ibm-power.adoc#installing-ibm-power[{ibm-power-title}], or xref:../installing/installing_vsphere/upi/installing-vsphere.adoc#installing-vsphere[vSphere], use the specific installation instructions to deploy your cluster. If you use other supported hardware, follow the xref:../installing/installing_bare_metal/installing-bare-metal.adoc#installing-bare-metal[bare metal installation] procedure. For some of these platforms, such as xref:../installing/installing_vsphere/upi/installing-vsphere-network-customizations.adoc#installing-vsphere-network-customizations[vSphere], and xref:../installing/installing_bare_metal/installing-bare-metal-network-customizations.adoc#installing-bare-metal-network-customizations[bare metal], you can also customize additional network parameters during installation. @@ -74,12 +74,12 @@ You can also complete a user-provisioned infrastructure installation on your exi If you use a user-provisioned installation method, you can configure a proxy for your cluster. The instructions are included in each installation procedure. -If you want to prevent your cluster on a public cloud from exposing endpoints externally, you can deploy a private cluster with installer-provisioned infrastructure on xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[AWS], xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[Azure], or xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[GCP]. +If you want to prevent your cluster on a public cloud from exposing endpoints externally, you can deploy a private cluster with installer-provisioned infrastructure on xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[AWS], xref:../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[Azure], or xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[GCP]. If you need to install your cluster that has limited access to the internet, such as a disconnected or restricted network cluster, you can xref:../installing/disconnected_install/installing-mirroring-installation-images.adoc#installing-mirroring-installation-images[mirror the installation packages] and install the cluster from them. Follow detailed instructions for user-provisioned infrastructure installations into restricted networks for xref:../installing/installing_aws/upi/installing-restricted-networks-aws.adoc#installing-restricted-networks-aws[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp.adoc#installing-restricted-networks-gcp[GCP], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc#installing-restricted-networks-ibm-z[{ibm-z-name} or {ibm-linuxone-name}], xref:../installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc#installing-restricted-networks-ibm-z-kvm[{ibm-z-name} or {ibm-linuxone-name} with {op-system-base} KVM], xref:../installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc#installing-restricted-networks-ibm-power[{ibm-power-name}], xref:../installing/installing_vsphere/upi/installing-restricted-networks-vsphere.adoc#installing-restricted-networks-vsphere[vSphere], or xref:../installing/installing_bare_metal/installing-restricted-networks-bare-metal.adoc#installing-restricted-networks-bare-metal[bare metal]. You can also install a cluster into a restricted network using installer-provisioned infrastructure by following detailed instructions for xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[AWS], xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[GCP], xref:../installing/installing_ibm_cloud_public/installing-ibm-cloud-restricted.adoc#installing-ibm-cloud-restricted[{ibm-cloud-name}], xref:../installing/installing_nutanix/installing-restricted-networks-nutanix-installer-provisioned.adoc#installing-restricted-networks-nutanix-installer-provisioned[Nutanix], xref:../installing/installing_openstack/installing-openstack-installer-restricted.adoc#installing-openstack-installer-restricted[{rh-openstack}], and xref:../installing/installing_vsphere/ipi/installing-restricted-networks-installer-provisioned-vsphere.adoc#installing-restricted-networks-installer-provisioned-vsphere[vSphere]. -If you need to deploy your cluster to an xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[AWS GovCloud region], xref:../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-china-region[AWS China region], or xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[Azure government region], you can configure those custom regions during an installer-provisioned infrastructure installation. +If you need to deploy your cluster to an xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[AWS GovCloud region], xref:../installing/installing_aws/ipi/installing-aws-china.adoc#installing-aws-china-region[AWS China region], or xref:../installing/installing_azure/ipi/installing-azure-government-region.adoc#installing-azure-government-region[Azure government region], you can configure those custom regions during an installer-provisioned infrastructure installation. ifndef::openshift-origin[] You can also configure the cluster machines to use the {op-system-base} cryptographic libraries that have been submitted to NIST for xref:../installing/installing-fips.adoc#installing-fips[FIPS 140-2/140-3 Validation] during installation. @@ -135,8 +135,8 @@ ifndef::openshift-origin[] |Default |xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] |xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] -|xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] -|xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] +|xref:../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[✓] +|xref:../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[✓] |xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[✓] |xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[✓] @@ -153,8 +153,8 @@ ifndef::openshift-origin[] |Custom |xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] |xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] -|xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] -|xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#installing-azure-stack-hub-default[✓] |xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[✓] |xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[✓] @@ -172,8 +172,8 @@ ifndef::openshift-origin[] |Network customization |xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] |xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] -|xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] -|xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] |xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[✓] |xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[✓] @@ -190,8 +190,8 @@ ifndef::openshift-origin[] |Restricted network |xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] |xref:../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[✓] -|xref:../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] -|xref:../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] +|xref:../installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] +|xref:../installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[✓] | |xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[✓] |xref:../installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc#installing-restricted-networks-gcp-installer-provisioned[✓] @@ -208,8 +208,8 @@ ifndef::openshift-origin[] |Private clusters |xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] |xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] -|xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] -|xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] +|xref:../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[✓] +|xref:../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[✓] | |xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[✓] |xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[✓] @@ -226,8 +226,8 @@ ifndef::openshift-origin[] |Existing virtual private networks |xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] |xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] -|xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] -|xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] +|xref:../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[✓] +|xref:../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[✓] | |xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[✓] |xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[✓] @@ -244,7 +244,7 @@ ifndef::openshift-origin[] |Government regions |xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[✓] | -|xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[✓] +|xref:../installing/installing_azure/ipi/installing-azure-government-region.adoc#installing-azure-government-region[✓] | | | @@ -305,8 +305,8 @@ ifdef::openshift-origin[] |Default |xref:../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[✓] -|xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] -|xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] +|xref:../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[✓] +|xref:../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_gcp/installing-gcp-default.adoc#installing-gcp-default[✓] |xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[✓] | @@ -318,8 +318,8 @@ ifdef::openshift-origin[] |Custom |xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] -|xref:../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[✓] -|xref:../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[✓] +|xref:../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[✓] |xref:../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[✓] |xref:../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[✓] |xref:../installing/installing_openstack/installing-openstack-installer-custom.adoc#installing-openstack-installer-custom[✓] @@ -331,7 +331,7 @@ ifdef::openshift-origin[] |Network customization |xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] -|xref:../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] +|xref:../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] |xref:../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[✓] | @@ -357,7 +357,7 @@ ifdef::openshift-origin[] |Private clusters |xref:../installing/installing_aws/ipi/installing-aws-private.adoc#installing-aws-private[✓] -|xref:../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[✓] +|xref:../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[✓] | |xref:../installing/installing_gcp/installing-gcp-private.adoc#installing-gcp-private[✓] | @@ -370,7 +370,7 @@ ifdef::openshift-origin[] |Existing virtual private networks |xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[✓] -|xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[✓] +|xref:../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[✓] | |xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[✓] | @@ -383,7 +383,7 @@ ifdef::openshift-origin[] |Government regions |xref:../installing/installing_aws/ipi/installing-aws-government-region.adoc#installing-aws-government-region[✓] -|xref:../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[✓] +|xref:../installing/installing_azure/ipi/installing-azure-government-region.adoc#installing-azure-government-region[✓] | | | @@ -432,8 +432,8 @@ ifndef::openshift-origin[] |Custom |xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] |xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] -|xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] -|xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] +|xref:../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] +|xref:../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[✓] |xref:../installing/installing_gcp/installing-gcp-user-infra.adoc#installing-gcp-user-infra[✓] |xref:../installing/installing_gcp/installing-gcp-user-infra.adoc#installing-gcp-user-infra[✓] @@ -517,7 +517,7 @@ ifdef::openshift-origin[] |Custom |xref:../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[✓] -|xref:../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] +|xref:../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[✓] |xref:../installing/installing_azure_stack_hub/installing-azure-stack-hub-user-infra.adoc#installing-azure-stack-hub-user-infra[✓] |xref:../installing/installing_gcp/installing-gcp-user-infra.adoc#installing-gcp-user-infra[✓] | diff --git a/installing/installing_azure/enabling-user-managed-encryption-azure.adoc b/installing/installing_azure/enabling-user-managed-encryption-azure.adoc index 617db1dc2d..928e386375 100644 --- a/installing/installing_azure/enabling-user-managed-encryption-azure.adoc +++ b/installing/installing_azure/enabling-user-managed-encryption-azure.adoc @@ -14,8 +14,8 @@ include::modules/installation-azure-preparing-diskencryptionsets.adoc[leveloffse == Next steps * Install an {product-title} cluster: -** xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Install a cluster with customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[Install a cluster into an existing VNet on installer-provisioned infrastructure] -** xref:../../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[Install a private cluster on installer-provisioned infrastructure] -** xref:../../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[Install a cluster into an government region on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Install a cluster with customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[Install a cluster into an existing VNet on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[Install a private cluster on installer-provisioned infrastructure] +** xref:../../installing/installing_azure/ipi/installing-azure-government-region.adoc#installing-azure-government-region[Install a cluster into an government region on installer-provisioned infrastructure] diff --git a/installing/installing_azure/installing-azure-account.adoc b/installing/installing_azure/installing-azure-account.adoc index 9b9eab1478..e437bc3aab 100644 --- a/installing/installing_azure/installing-azure-account.adoc +++ b/installing/installing_azure/installing-azure-account.adoc @@ -49,6 +49,6 @@ include::modules/installation-azure-regions.adoc[leveloffset=+1] == Next steps * Install an {product-title} cluster on Azure. You can -xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[install a customized cluster] +xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[install a customized cluster] or -xref:../../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[quickly install a cluster] with default options. +xref:../../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[quickly install a cluster] with default options. diff --git a/installing/installing_azure/installing-azure-default.adoc b/installing/installing_azure/installing-azure-default.adoc deleted file mode 100644 index b184f29cf1..0000000000 --- a/installing/installing_azure/installing-azure-default.adoc +++ /dev/null @@ -1,47 +0,0 @@ -:_mod-docs-content-type: ASSEMBLY -[id="installing-azure-default"] -= Installing a cluster quickly on Azure -include::_attributes/common-attributes.adoc[] -:context: installing-azure-default - -toc::[] - -In {product-title} version {product-version}, you can install a cluster on -Microsoft Azure that uses the default configuration options. - -== Prerequisites - -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. - -include::modules/cluster-entitlements.adoc[leveloffset=+1] - -include::modules/ssh-agent-using.adoc[leveloffset=+1] - -include::modules/installation-obtaining-installer.adoc[leveloffset=+1] - -include::modules/installation-launching-installer.adoc[leveloffset=+1] - -include::modules/cli-installing-cli.adoc[leveloffset=+1] - -include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. - -include::modules/cluster-telemetry.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service - -== Next steps - -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-azure-government-region.adoc b/installing/installing_azure/installing-azure-government-region.adoc deleted file mode 100644 index e8b496a0ba..0000000000 --- a/installing/installing_azure/installing-azure-government-region.adoc +++ /dev/null @@ -1,88 +0,0 @@ -:_mod-docs-content-type: ASSEMBLY -[id="installing-azure-government-region"] -= Installing a cluster on Azure into a government region -include::_attributes/common-attributes.adoc[] -:context: installing-azure-government-region - -toc::[] - -In {product-title} version {product-version}, you can install a cluster on -Microsoft Azure into a government region. To configure the government region, -you modify parameters in the `install-config.yaml` file before you install the -cluster. - -== Prerequisites - -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated government region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[manually create and maintain long-term credentials]. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. - -include::modules/installation-azure-about-government-region.adoc[leveloffset=+1] - -include::modules/private-clusters-default.adoc[leveloffset=+1] - -include::modules/private-clusters-about-azure.adoc[leveloffset=+2] - -include::modules/installation-azure-user-defined-routing.adoc[leveloffset=+2] - -include::modules/installation-about-custom-azure-vnet.adoc[leveloffset=+1] - -include::modules/cluster-entitlements.adoc[leveloffset=+1] - -include::modules/ssh-agent-using.adoc[leveloffset=+1] - -include::modules/installation-obtaining-installer.adoc[leveloffset=+1] - -include::modules/installation-initializing-manual.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] - -include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] - -[role="_additional-resources"] -.Additional resources - -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] - -include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] - -include::modules/installation-azure-trusted-launch.adoc[leveloffset=+2] -include::modules/installation-azure-confidential-vms.adoc[leveloffset=+2] - -include::modules/installation-azure-config-yaml.adoc[leveloffset=+2] - -include::modules/installation-configure-proxy.adoc[leveloffset=+2] - -[role="_additional-resources"] -.Additional resources - -* For more details about Accelerated Networking, see xref:../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. - -include::modules/installation-launching-installer.adoc[leveloffset=+1] - -include::modules/cli-installing-cli.adoc[leveloffset=+1] - -include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. - -include::modules/cluster-telemetry.adoc[leveloffset=+1] - -[role="_additional-resources"] -.Additional resources - -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service - -== Next steps - -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. -* If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-azure-three-node.adoc b/installing/installing_azure/installing-azure-three-node.adoc index 789860bd8a..d2a5e835be 100644 --- a/installing/installing_azure/installing-azure-three-node.adoc +++ b/installing/installing_azure/installing-azure-three-node.adoc @@ -18,5 +18,5 @@ Deploying a three-node cluster using an Azure Marketplace image is not supported include::modules/installation-three-node-cluster-cloud-provider.adoc[leveloffset=+1] == Next steps -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Installing a cluster on Azure with customizations] -* xref:../../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[Installing a cluster on Azure using ARM templates] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Installing a cluster on Azure with customizations] +* xref:../../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[Installing a cluster on Azure using ARM templates] diff --git a/installing/installing_azure/ipi/_attributes b/installing/installing_azure/ipi/_attributes new file mode 120000 index 0000000000..bf7c2529fd --- /dev/null +++ b/installing/installing_azure/ipi/_attributes @@ -0,0 +1 @@ +../../../_attributes/ \ No newline at end of file diff --git a/installing/installing_azure/ipi/images b/installing/installing_azure/ipi/images new file mode 120000 index 0000000000..4399cbb3c0 --- /dev/null +++ b/installing/installing_azure/ipi/images @@ -0,0 +1 @@ +../../../images/ \ No newline at end of file diff --git a/installing/installing_azure/installing-azure-customizations.adoc b/installing/installing_azure/ipi/installing-azure-customizations.adoc similarity index 59% rename from installing/installing_azure/installing-azure-customizations.adoc rename to installing/installing_azure/ipi/installing-azure-customizations.adoc index e6c8262ed9..92f2ae2e97 100644 --- a/installing/installing_azure/installing-azure-customizations.adoc +++ b/installing/installing_azure/ipi/installing-azure-customizations.adoc @@ -14,11 +14,11 @@ parameters in the `install-config.yaml` file before you install the cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/cluster-entitlements.adoc[leveloffset=+1] @@ -32,14 +32,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] @@ -55,7 +55,7 @@ include::modules/installation-configure-proxy.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more details about Accelerated Networking, see xref:../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. +* For more details about Accelerated Networking, see xref:../../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. include::modules/installation-user-defined-tags-azure.adoc[leveloffset=+1] @@ -69,9 +69,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring an Azure cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-customizations[Configuring an Azure cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -98,17 +98,17 @@ include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/ipi/installing-azure-default.adoc b/installing/installing_azure/ipi/installing-azure-default.adoc new file mode 100644 index 0000000000..13701e4b48 --- /dev/null +++ b/installing/installing_azure/ipi/installing-azure-default.adoc @@ -0,0 +1,47 @@ +:_mod-docs-content-type: ASSEMBLY +[id="installing-azure-default"] += Installing a cluster quickly on Azure +include::_attributes/common-attributes.adoc[] +:context: installing-azure-default + +toc::[] + +In {product-title} version {product-version}, you can install a cluster on +Microsoft Azure that uses the default configuration options. + +== Prerequisites + +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-obtaining-installer.adoc[leveloffset=+1] + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service + +== Next steps + +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/ipi/installing-azure-government-region.adoc b/installing/installing_azure/ipi/installing-azure-government-region.adoc new file mode 100644 index 0000000000..43df4a9cb0 --- /dev/null +++ b/installing/installing_azure/ipi/installing-azure-government-region.adoc @@ -0,0 +1,97 @@ +:_mod-docs-content-type: ASSEMBLY +[id="installing-azure-government-region"] += Installing a cluster on Azure into a government region +include::_attributes/common-attributes.adoc[] +:context: installing-azure-government-region + +toc::[] + +In {product-title} version {product-version}, you can install a cluster on +Microsoft Azure into a government region. To configure the government region, +you modify parameters in the `install-config.yaml` file before you install the +cluster. + +== Prerequisites + +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated government region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[manually create and maintain long-term credentials]. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. + +include::modules/installation-azure-about-government-region.adoc[leveloffset=+1] + +include::modules/private-clusters-default.adoc[leveloffset=+1] + +include::modules/private-clusters-about-azure.adoc[leveloffset=+2] + +include::modules/installation-azure-user-defined-routing.adoc[leveloffset=+2] + +include::modules/installation-about-custom-azure-vnet.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* xref:../../../networking/openshift_sdn/about-openshift-sdn.adoc#about-openshift-sdn[About the OpenShift SDN network plugin] + +* xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[Configuring your firewall] + + + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-obtaining-installer.adoc[leveloffset=+1] + +include::modules/installation-initializing-manual.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] + +include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources + +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] + +include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] + +include::modules/installation-azure-trusted-launch.adoc[leveloffset=+2] +include::modules/installation-azure-confidential-vms.adoc[leveloffset=+2] + +include::modules/installation-azure-config-yaml.adoc[leveloffset=+2] + +include::modules/installation-configure-proxy.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources + +* For more details about Accelerated Networking, see xref:../../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service + +== Next steps + +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* If necessary, you can +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-azure-network-customizations.adoc b/installing/installing_azure/ipi/installing-azure-network-customizations.adoc similarity index 60% rename from installing/installing_azure/installing-azure-network-customizations.adoc rename to installing/installing_azure/ipi/installing-azure-network-customizations.adoc index 48cf7f84df..7a8fee7401 100644 --- a/installing/installing_azure/installing-azure-network-customizations.adoc +++ b/installing/installing_azure/ipi/installing-azure-network-customizations.adoc @@ -18,11 +18,11 @@ cluster. == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/cluster-entitlements.adoc[leveloffset=+1] @@ -34,14 +34,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] @@ -62,13 +62,13 @@ include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] [NOTE] ==== -For more information on using Linux and Windows nodes in the same cluster, see xref:../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads]. +For more information on using Linux and Windows nodes in the same cluster, see xref:../../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads]. ==== [role="_additional-resources"] .Additional resources -* For more details about Accelerated Networking, see xref:../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. +* For more details about Accelerated Networking, see xref:../../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. //Installing the OpenShift CLI by downloading the binary: Moved up to precede manual cred (short and long) steps, which require the use of `oc` include::modules/cli-installing-cli.adoc[leveloffset=+1] @@ -78,9 +78,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#manually-create-iam_installing-azure-network-customizations[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#manually-create-iam_installing-azure-network-customizations[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-network-customizations[Configuring an Azure cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-with-short-term-creds_installing-azure-network-customizations[Configuring an Azure cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -107,17 +107,17 @@ include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-azure-private.adoc b/installing/installing_azure/ipi/installing-azure-private.adoc similarity index 57% rename from installing/installing_azure/installing-azure-private.adoc rename to installing/installing_azure/ipi/installing-azure-private.adoc index a34ef6a75b..16685f28e1 100644 --- a/installing/installing_azure/installing-azure-private.adoc +++ b/installing/installing_azure/ipi/installing-azure-private.adoc @@ -10,11 +10,11 @@ In {product-title} version {product-version}, you can install a private cluster == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/private-clusters-default.adoc[leveloffset=+1] @@ -24,6 +24,13 @@ include::modules/installation-azure-user-defined-routing.adoc[leveloffset=+2] include::modules/installation-about-custom-azure-vnet.adoc[leveloffset=+1] +[role="_additional-resources"] +.Additional resources + +* xref:../../../networking/openshift_sdn/about-openshift-sdn.adoc#about-openshift-sdn[About the OpenShift SDN network plugin] + +* xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[Configuring your firewall] + include::modules/cluster-entitlements.adoc[leveloffset=+1] include::modules/ssh-agent-using.adoc[leveloffset=+1] @@ -34,14 +41,14 @@ include::modules/installation-initializing-manual.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] @@ -57,7 +64,7 @@ include::modules/installation-configure-proxy.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more details about Accelerated Networking, see xref:../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. +* For more details about Accelerated Networking, see xref:../../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. //Installing the OpenShift CLI by downloading the binary: Moved up to precede manual cred (short and long) steps, which require the use of `oc` include::modules/cli-installing-cli.adoc[leveloffset=+1] @@ -67,9 +74,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_azure/installing-azure-private.adoc#manually-create-iam_installing-azure-private[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_azure/ipi/installing-azure-private.adoc#manually-create-iam_installing-azure-private[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_azure/installing-azure-private.adoc#installing-azure-with-short-term-creds_installing-azure-private[Configuring an Azure cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-with-short-term-creds_installing-azure-private[Configuring an Azure cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -94,7 +101,7 @@ include::modules/installing-private-image-registry-private-azure.adoc[leveloffse [role="_additional-resources"] .Additional resources -* For the list of permissions needed to create a private storage endpoint, see xref:../../installing/installing_azure/installing-azure-account.adoc#minimum-required-permissions-ipi-azure_installing-azure-account[Required Azure permissions for installer-provisioned infrastructure]. +* For the list of permissions needed to create a private storage endpoint, see xref:../../../installing/installing_azure/installing-azure-account.adoc#minimum-required-permissions-ipi-azure_installing-azure-account[Required Azure permissions for installer-provisioned infrastructure]. include::modules/installation-launching-installer.adoc[leveloffset=+1] @@ -103,17 +110,17 @@ include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-azure-vnet.adoc b/installing/installing_azure/ipi/installing-azure-vnet.adoc similarity index 55% rename from installing/installing_azure/installing-azure-vnet.adoc rename to installing/installing_azure/ipi/installing-azure-vnet.adoc index 116d33addb..0ad66b2357 100644 --- a/installing/installing_azure/installing-azure-vnet.adoc +++ b/installing/installing_azure/ipi/installing-azure-vnet.adoc @@ -10,14 +10,21 @@ In {product-title} version {product-version}, you can install a cluster into an == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/installation-about-custom-azure-vnet.adoc[leveloffset=+1] +[role="_additional-resources"] +.Additional resources + +* xref:../../../networking/openshift_sdn/about-openshift-sdn.adoc#about-openshift-sdn[About the OpenShift SDN network plugin] + +* xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[Configuring your firewall] + include::modules/cluster-entitlements.adoc[leveloffset=+1] include::modules/ssh-agent-using.adoc[leveloffset=+1] @@ -28,14 +35,14 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] @@ -51,7 +58,7 @@ include::modules/installation-configure-proxy.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more details about Accelerated Networking, see xref:../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. +* For more details about Accelerated Networking, see xref:../../../machine_management/creating_machinesets/creating-machineset-azure.adoc#machineset-azure-accelerated-networking_creating-machineset-azure[Accelerated Networking for Microsoft Azure VMs]. //Installing the OpenShift CLI by downloading the binary: Moved up to precede manual cred (short and long) steps, which require the use of `oc` include::modules/cli-installing-cli.adoc[leveloffset=+1] @@ -61,9 +68,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_azure/installing-azure-vnet.adoc#manually-create-iam_installing-azure-vnet[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_azure/ipi/installing-azure-vnet.adoc#manually-create-iam_installing-azure-vnet[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-with-short-term-creds_installing-azure-vnet[Configuring an Azure cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-with-short-term-creds_installing-azure-vnet[Configuring an Azure cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -88,17 +95,17 @@ include::modules/installation-launching-installer.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. +* See xref:../../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console. include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc b/installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc similarity index 60% rename from installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc rename to installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc index b7c58a91c4..0dac344d4e 100644 --- a/installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc +++ b/installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc @@ -16,10 +16,10 @@ You can install an {product-title} cluster by using mirrored installation releas [id="prerequisites_installing-restricted-networks-azure-installer-provisioned"] == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster. -* You xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster. +* You xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. + [IMPORTANT] ==== @@ -28,8 +28,8 @@ Because the installation media is on the mirror host, you can use that computer * You have an existing VNet in Azure. While installing a cluster in a restricted network that uses installer-provisioned infrastructure, you cannot use the installer-provisioned VNet. You must use a user-provisioned VNet that satisfies one of the following requirements: ** The VNet contains the mirror registry ** The VNet has firewall rules or a peering connection to access the mirror registry hosted elsewhere -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/installation-about-restricted-network.adoc[leveloffset=+1] @@ -37,6 +37,13 @@ include::modules/installation-azure-user-defined-routing.adoc[leveloffset=+2] include::modules/installation-about-custom-azure-vnet.adoc[leveloffset=+1] +[role="_additional-resources"] +.Additional resources + +* xref:../../../networking/openshift_sdn/about-openshift-sdn.adoc#about-openshift-sdn[About the OpenShift SDN network plugin] + +* xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[Configuring your firewall] + include::modules/cluster-entitlements.adoc[leveloffset=+1] include::modules/ssh-agent-using.adoc[leveloffset=+1] @@ -45,7 +52,7 @@ include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] +* xref:../../../installing/installing_azure/installation-config-parameters-azure.adoc#installation-config-parameters-azure[Installation configuration parameters for Azure] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] @@ -68,9 +75,9 @@ include::modules/cli-installing-cli.adoc[leveloffset=+1] By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives: -* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-azure-installer-provisioned[Manually creating long-term credentials]. +* To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc#manually-create-iam_installing-restricted-networks-azure-installer-provisioned[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_azure/installing-restricted-networks-azure-installer-provisioned.adoc#installing-azure-with-short-term-creds_installing-restricted-networks-azure-installer-provisioned[Configuring an Azure cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc#installing-azure-with-short-term-creds_installing-restricted-networks-azure-installer-provisioned[Configuring an Azure cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] @@ -99,10 +106,10 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service == Next steps -* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. +* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster]. * If necessary, you can -xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. +xref:../../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting]. diff --git a/installing/installing_azure/ipi/modules b/installing/installing_azure/ipi/modules new file mode 120000 index 0000000000..7e8b50bee7 --- /dev/null +++ b/installing/installing_azure/ipi/modules @@ -0,0 +1 @@ +../../../modules/ \ No newline at end of file diff --git a/installing/installing_azure/ipi/snippets b/installing/installing_azure/ipi/snippets new file mode 120000 index 0000000000..ce62fd7c41 --- /dev/null +++ b/installing/installing_azure/ipi/snippets @@ -0,0 +1 @@ +../../../snippets/ \ No newline at end of file diff --git a/installing/installing_azure/preparing-to-install-on-azure.adoc b/installing/installing_azure/preparing-to-install-on-azure.adoc index 15acfc717b..5a5caaf0ea 100644 --- a/installing/installing_azure/preparing-to-install-on-azure.adoc +++ b/installing/installing_azure/preparing-to-install-on-azure.adoc @@ -17,7 +17,7 @@ toc::[] Before installing {product-title} on Microsoft Azure, you must configure an Azure account. See xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[Configuring an Azure account] for details about account configuration, account limits, public DNS zone configuration, required roles, creating service principals, and supported Azure regions. -If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-manual-modes_installing-azure-customizations[Alternatives to storing administrator-level secrets in the kube-system project] for other options. +If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-manual-modes_installing-azure-customizations[Alternatives to storing administrator-level secrets in the kube-system project] for other options. [id="choosing-an-method-to-install-ocp-on-azure"] == Choosing a method to install {product-title} on Azure @@ -31,24 +31,28 @@ See xref:../../architecture/architecture-installation.adoc#installation-process_ You can install a cluster on Azure infrastructure that is provisioned by the {product-title} installation program, by using one of the following methods: -* **xref:../../installing/installing_azure/installing-azure-default.adoc#installing-azure-default[Installing a cluster quickly on Azure]**: You can install {product-title} on Azure infrastructure that is provisioned by the {product-title} installation program. You can install a cluster quickly by using the default configuration options. +* **xref:../../installing/installing_azure/ipi/installing-azure-default.adoc#installing-azure-default[Installing a cluster quickly on Azure]**: You can install {product-title} on Azure infrastructure that is provisioned by the {product-title} installation program. You can install a cluster quickly by using the default configuration options. -* **xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Installing a customized cluster on Azure]**: You can install a customized cluster on Azure infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. +* **xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Installing a customized cluster on Azure]**: You can install a customized cluster on Azure infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. -* **xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations]**: You can customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. +* **xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations]**: You can customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. -* **xref:../../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[Installing a cluster on Azure into an existing VNet]**: You can install {product-title} on an existing Azure Virtual Network (VNet) on Azure. You can use this installation method if you have constraints set by the guidelines of your company, such as limits when creating new accounts or infrastructure. +* **xref:../../installing/installing_azure/ipi/installing-restricted-networks-azure-installer-provisioned.adoc#installing-restricted-networks-azure-installer-provisioned[Installing a cluster on Azure in a restricted network]** : You can install a cluster on Microsoft Azure in a restricted network by creating an internal mirror of the installation release content on an existing Azure Virtual Network (VNet). -* **xref:../../installing/installing_azure/installing-azure-private.adoc#installing-azure-private[Installing a private cluster on Azure]**: You can install a private cluster into an existing Azure Virtual Network (VNet) on Azure. You can use this method to deploy {product-title} on an internal network that is not visible to the internet. +* **xref:../../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[Installing a cluster on Azure into an existing VNet]**: You can install {product-title} on an existing Azure Virtual Network (VNet) on Azure. You can use this installation method if you have constraints set by the guidelines of your company, such as limits when creating new accounts or infrastructure. -* **xref:../../installing/installing_azure/installing-azure-government-region.adoc#installing-azure-government-region[Installing a cluster on Azure into a government region]**: {product-title} can be deployed into Microsoft Azure Government (MAG) regions that are specifically designed for US government agencies at the federal, state, and local level, as well as contractors, educational institutions, and other US customers that must run sensitive workloads on Azure. +* **xref:../../installing/installing_azure/ipi/installing-azure-private.adoc#installing-azure-private[Installing a private cluster on Azure]**: You can install a private cluster into an existing Azure Virtual Network (VNet) on Azure. You can use this method to deploy {product-title} on an internal network that is not visible to the internet. + +* **xref:../../installing/installing_azure/ipi/installing-azure-government-region.adoc#installing-azure-government-region[Installing a cluster on Azure into a government region]**: {product-title} can be deployed into Microsoft Azure Government (MAG) regions that are specifically designed for US government agencies at the federal, state, and local level, as well as contractors, educational institutions, and other US customers that must run sensitive workloads on Azure. [id="choosing-an-method-to-install-ocp-on-azure-user-provisioned"] === Installing a cluster on user-provisioned infrastructure -You can install a cluster on Azure infrastructure that you provision, by using the following method: +You can install a cluster on Azure infrastructure that you provision, by using one of the following methods: -* **xref:../../installing/installing_azure/installing-azure-user-infra.adoc#installing-azure-user-infra[Installing a cluster on Azure using ARM templates]**: You can install {product-title} on Azure by using infrastructure that you provide. You can use the provided Azure Resource Manager (ARM) templates to assist with an installation. +* **xref:../../installing/installing_azure/upi/installing-restricted-networks-azure-user-provisioned.adoc#installing-restricted-networks-azure-user-provisioned[Installing a cluster on Azure in a restricted network with user-provisioned infrastructure]**: You can perform an installation on Azure that does not require an active connection to the internet to obtain software components. + +* **xref:../../installing/installing_azure/upi/installing-azure-user-infra.adoc#installing-azure-user-infra[Installing a cluster on Azure using ARM templates]**: You can install {product-title} on Azure by using infrastructure that you provide. You can use the provided Azure Resource Manager (ARM) templates to assist with an installation. [id="preparing-to-install-on-azure-next-steps"] == Next steps diff --git a/installing/installing_azure/upi/_attributes b/installing/installing_azure/upi/_attributes new file mode 120000 index 0000000000..bf7c2529fd --- /dev/null +++ b/installing/installing_azure/upi/_attributes @@ -0,0 +1 @@ +../../../_attributes/ \ No newline at end of file diff --git a/installing/installing_azure/upi/images b/installing/installing_azure/upi/images new file mode 120000 index 0000000000..4399cbb3c0 --- /dev/null +++ b/installing/installing_azure/upi/images @@ -0,0 +1 @@ +../../../images/ \ No newline at end of file diff --git a/installing/installing_azure/installing-azure-user-infra.adoc b/installing/installing_azure/upi/installing-azure-user-infra.adoc similarity index 81% rename from installing/installing_azure/installing-azure-user-infra.adoc rename to installing/installing_azure/upi/installing-azure-user-infra.adoc index a94fafdedc..d40acc0f23 100644 --- a/installing/installing_azure/installing-azure-user-infra.adoc +++ b/installing/installing_azure/upi/installing-azure-user-infra.adoc @@ -18,12 +18,12 @@ The steps for performing a user-provisioned infrastructure installation are prov == Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster. * You downloaded the Azure CLI and installed it on your computer. See link:https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest[Install the Azure CLI] in the Azure documentation. The documentation below was last tested using version `2.38.0` of the Azure CLI. Azure CLI commands might perform differently based on the version you use. -* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-manual-modes_installing-azure-customizations[Alternatives to storing administrator-level secrets in the kube-system project]. -* If you use a firewall and plan to use the Telemetry service, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. +* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-manual-modes_installing-azure-customizations[Alternatives to storing administrator-level secrets in the kube-system project]. +* If you use a firewall and plan to use the Telemetry service, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to. + [NOTE] ==== @@ -47,7 +47,7 @@ include::modules/installation-azure-limits.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-network-config.adoc[leveloffset=+2] @@ -70,7 +70,7 @@ include::modules/installation-creating-azure-service-principal.adoc[leveloffset= [role="_additional-resources"] .Additional resources -* For more information about CCO modes, see xref:../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator-modes[About the Cloud Credential Operator]. +* For more information about CCO modes, see xref:../../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator-modes[About the Cloud Credential Operator]. include::modules/installation-azure-regions.adoc[leveloffset=+2] @@ -88,7 +88,7 @@ include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2] include::modules/installation-azure-arm-tested-machine-types.adoc[leveloffset=+2] @@ -152,4 +152,4 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service diff --git a/installing/installing_azure/installing-restricted-networks-azure-user-provisioned.adoc b/installing/installing_azure/upi/installing-restricted-networks-azure-user-provisioned.adoc similarity index 75% rename from installing/installing_azure/installing-restricted-networks-azure-user-provisioned.adoc rename to installing/installing_azure/upi/installing-restricted-networks-azure-user-provisioned.adoc index 429ec52e23..b36fbf8def 100644 --- a/installing/installing_azure/installing-restricted-networks-azure-user-provisioned.adoc +++ b/installing/installing_azure/upi/installing-restricted-networks-azure-user-provisioned.adoc @@ -17,18 +17,18 @@ The steps for performing a user-provisioned infrastructure installation are prov .Prerequisites -* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. -* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. -* You xref:../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. -* You xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. +* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster and determined the tested and validated region to deploy the cluster to. +* You xref:../../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. + [IMPORTANT] ==== Because the installation media is on the mirror host, you must use that computer to complete all installation steps. ==== -* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. -* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you have xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[manually created long-term credentials]. -* If you use customer-managed encryption keys, you xref:../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. +* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you have xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[manually created long-term credentials]. +* If you use customer-managed encryption keys, you xref:../../../installing/installing_azure/enabling-user-managed-encryption-azure.adoc#enabling-user-managed-encryption-azure[prepared your Azure environment for encryption]. include::modules/installation-about-restricted-network.adoc[leveloffset=+1] @@ -49,7 +49,7 @@ include::modules/installation-azure-limits.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] +* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage] include::modules/installation-azure-network-config.adoc[leveloffset=+2] @@ -68,7 +68,7 @@ include::modules/installation-azure-service-principal.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* For more information about CCO modes, see xref:../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator-modes[About the Cloud Credential Operator]. +* For more information about CCO modes, see xref:../../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator-modes[About the Cloud Credential Operator]. include::modules/installation-azure-regions.adoc[leveloffset=+2] @@ -146,4 +146,4 @@ include::modules/cluster-telemetry.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service +* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service diff --git a/installing/installing_azure/upi/modules b/installing/installing_azure/upi/modules new file mode 120000 index 0000000000..7e8b50bee7 --- /dev/null +++ b/installing/installing_azure/upi/modules @@ -0,0 +1 @@ +../../../modules/ \ No newline at end of file diff --git a/installing/installing_azure/upi/snippets b/installing/installing_azure/upi/snippets new file mode 120000 index 0000000000..ce62fd7c41 --- /dev/null +++ b/installing/installing_azure/upi/snippets @@ -0,0 +1 @@ +../../../snippets/ \ No newline at end of file diff --git a/installing/installing_sno/install-sno-installing-sno.adoc b/installing/installing_sno/install-sno-installing-sno.adoc index c0d80b1574..9cc219944a 100644 --- a/installing/installing_sno/install-sno-installing-sno.adoc +++ b/installing/installing_sno/install-sno-installing-sno.adoc @@ -120,7 +120,7 @@ include::modules/install-sno-installing-sno-on-azure.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#installing-azure-customizations[Installing a cluster on Azure with customizations] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Installing a cluster on Azure with customizations] include::modules/install-sno-installing-sno-on-gcp.adoc[leveloffset=+2] diff --git a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc index 160468139d..178f5135c4 100644 --- a/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc +++ b/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-azure.adoc @@ -64,7 +64,7 @@ include::modules/machineset-azure-accelerated-networking.adoc[leveloffset=+2] //Not applicable for 4.12, possibly 4.13? //[role="_additional-resources"] //.Additional resources -//* xref:../../../installing/installing_azure/installing-azure-customizations.adoc#machineset-azure-enabling-accelerated-networking-new-install_installing-azure-customizations[Enabling Accelerated Networking during installation] +//* xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#machineset-azure-enabling-accelerated-networking-new-install_installing-azure-customizations[Enabling Accelerated Networking during installation] // Enabling Accelerated Networking on an existing Microsoft Azure cluster include::modules/machineset-azure-enabling-accelerated-networking-existing.adoc[leveloffset=+3] \ No newline at end of file diff --git a/machine_management/creating_machinesets/creating-machineset-azure.adoc b/machine_management/creating_machinesets/creating-machineset-azure.adoc index b868e0d534..737bd766d1 100644 --- a/machine_management/creating_machinesets/creating-machineset-azure.adoc +++ b/machine_management/creating_machinesets/creating-machineset-azure.adoc @@ -71,7 +71,7 @@ include::modules/nvidia-gpu-aws-deploying-the-node-feature-discovery-operator.ad [role="_additional-resources"] .Additional resources -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#machineset-azure-enabling-accelerated-networking-new-install_installing-azure-customizations[Enabling Accelerated Networking during installation] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#machineset-azure-enabling-accelerated-networking-new-install_installing-azure-customizations[Enabling Accelerated Networking during installation] // Enabling Accelerated Networking on an existing Microsoft Azure cluster include::modules/machineset-azure-enabling-accelerated-networking-existing.adoc[leveloffset=+2] diff --git a/machine_management/user_infra/adding-compute-user-infra-general.adoc b/machine_management/user_infra/adding-compute-user-infra-general.adoc index 4c71ff1b15..ec3365126e 100644 --- a/machine_management/user_infra/adding-compute-user-infra-general.adoc +++ b/machine_management/user_infra/adding-compute-user-infra-general.adoc @@ -16,7 +16,7 @@ To add more compute machines to your {product-title} cluster on Amazon Web Servi [id="upi-adding-compute-azure"] == Adding compute machines to Microsoft Azure -To add more compute machines to your {product-title} cluster on Microsoft Azure, see xref:../../installing/installing_azure/installing-azure-user-infra.adoc#installation-creating-azure-worker_installing-azure-user-infra[Creating additional worker machines in Azure]. +To add more compute machines to your {product-title} cluster on Microsoft Azure, see xref:../../installing/installing_azure/upi/installing-azure-user-infra.adoc#installation-creating-azure-worker_installing-azure-user-infra[Creating additional worker machines in Azure]. [id="upi-adding-compute-ash"] == Adding compute machines to Azure Stack Hub diff --git a/modules/installation-about-custom-azure-vnet.adoc b/modules/installation-about-custom-azure-vnet.adoc index 06c379d946..50a89927cd 100644 --- a/modules/installation-about-custom-azure-vnet.adoc +++ b/modules/installation-about-custom-azure-vnet.adoc @@ -123,19 +123,13 @@ endif::restricted[] |=== [.small] -- -1. If you are using Azure Firewall to restrict the internet access, then xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[you can configure Azure Firewall to allow the Azure APIs]. A network security group rule is not needed. +1. If you are using Azure Firewall to restrict the internet access, then you can configure Azure Firewall to allow the Azure APIs. A network security group rule is not needed. For more information, see "Configuring your firewall" in "Additional resources". -- include::snippets/mcs-endpoint-limitation.adoc[] Because cluster components do not modify the user-provided network security groups, which the Kubernetes controllers update, a pseudo-network security group is created for the Kubernetes controller to modify without impacting the rest of the environment. -[role="_additional-resources"] -.Additional resources - -* xref:../../networking/openshift_sdn/about-openshift-sdn.adoc#about-openshift-sdn[About the OpenShift SDN network plugin] - -* xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[Configuring your firewall] [id="installation-about-custom-azure-permissions_{context}"] == Division of permissions diff --git a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc index 9e2d6a640d..36343a3456 100644 --- a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc +++ b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc @@ -17,4 +17,4 @@ include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] * xref:../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads] * xref:../../windows_containers/enabling-windows-container-workloads.adoc#enabling-windows-container-workloads[Enabling Windows container workloads] * xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations] -* xref:../../installing/installing_azure/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations] +* xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations] diff --git a/updating/preparing_for_updates/preparing-manual-creds-update.adoc b/updating/preparing_for_updates/preparing-manual-creds-update.adoc index 6fa031d9bd..58bd5b9d3d 100644 --- a/updating/preparing_for_updates/preparing-manual-creds-update.adoc +++ b/updating/preparing_for_updates/preparing-manual-creds-update.adoc @@ -62,7 +62,7 @@ include::modules/manually-maintained-credentials-upgrade.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources * xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials for AWS] -* xref:../../installing/installing_azure/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] +* xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#manually-create-iam_installing-azure-customizations[Manually creating long-term credentials for Azure] * xref:../../installing/installing_azure_stack_hub/installing-azure-stack-hub-default.adoc#manually-create-iam_installing-azure-stack-hub-default[Manually creating long-term credentials for Azure Stack Hub] * xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials for GCP] * xref:../../updating/preparing_for_updates/preparing-manual-creds-update.adoc#cco-manual-upgrade-annotation_preparing-manual-creds-update[Indicating that the cluster is ready to upgrade] diff --git a/welcome/index.adoc b/welcome/index.adoc index 69dae21d9b..88a4b9d2d3 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -136,7 +136,7 @@ endif::openshift-origin[] - **Install a cluster in an existing network**: If you use an existing Virtual Private Cloud (VPC) in xref:../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[{aws-first}] or xref:../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[{gcp-short}] or an existing -xref:../installing/installing_azure/installing-azure-vnet.adoc#installing-azure-vnet[VNet] +xref:../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[VNet] on Microsoft Azure, you can install a cluster. Also consider xref:../installing/installing_gcp/installing-gcp-shared-vpc.adoc#installation-gcp-shared-vpc-prerequisites_installing-gcp-shared-vpc[Installing a cluster on {gcp-short} into a shared VPC] - **Install a private cluster**: If your cluster does not require external diff --git a/windows_containers/enabling-windows-container-workloads.adoc b/windows_containers/enabling-windows-container-workloads.adoc index 6688e173c5..542a82cac1 100644 --- a/windows_containers/enabling-windows-container-workloads.adoc +++ b/windows_containers/enabling-windows-container-workloads.adoc @@ -56,5 +56,5 @@ include::modules/wmco-cluster-wide-proxy.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../installing/installing_azure/installing-azure-default.adoc#ssh-agent-using_installing-azure-default[Generating a key pair for cluster node SSH access] +* xref:../installing/installing_azure/ipi/installing-azure-default.adoc#ssh-agent-using_installing-azure-default[Generating a key pair for cluster node SSH access] * xref:../operators/admin/olm-adding-operators-to-cluster.adoc#olm-adding-operators-to-a-cluster[Adding Operators to a cluster].