From 8f0de4598be12d117bf109a7d7223a046f94ea04 Mon Sep 17 00:00:00 2001 From: Brendan Daly Date: Tue, 29 Jul 2025 09:03:31 +0100 Subject: [PATCH] OSDOCS-15577:combining AWS assemblies --- _topic_maps/_topic_map.yml | 2 - .../installing-aws-account.adoc | 1 - .../ipi/installing-aws-customizations.adoc | 44 ++++-- .../preparing-to-install-on-aws.adoc | 4 +- installing/overview/installing-preparing.adoc | 8 +- modules/cco-ccoctl-configuring.adoc | 7 - modules/cco-ccoctl-creating-at-once.adoc | 5 +- modules/cco-ccoctl-creating-individually.adoc | 1 - ...cco-ccoctl-install-creating-manifests.adoc | 1 - modules/cli-installing-cli.adoc | 1 - modules/cli-logging-in-kubeadmin.adoc | 1 - modules/cluster-entitlements.adoc | 1 - modules/cluster-telemetry.adoc | 1 - modules/configuring-hybrid-ovnkubernetes.adoc | 141 +----------------- ...allation-aws-arm-tested-machine-types.adoc | 1 - ...installation-aws-tested-machine-types.adoc | 1 - modules/installation-configure-proxy.adoc | 7 - modules/installation-initializing.adoc | 7 - modules/installation-launching-installer.adoc | 9 -- ...nfiguring-ingress-cluster-traffic-aws.adoc | 4 +- .../configuring-hybrid-networking.adoc | 7 +- .../cluster-tasks.adoc | 2 +- .../optimization/optimizing-networking.adoc | 2 +- 23 files changed, 47 insertions(+), 211 deletions(-) diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index 68c984de9e..e986ab7f9b 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -208,8 +208,6 @@ Topics: File: installing-aws-default - Name: Installing a cluster with customizations File: installing-aws-customizations - - Name: Installing a cluster with network customizations - File: installing-aws-network-customizations - Name: Installing a cluster in a disconnected environment File: installing-restricted-networks-aws-installer-provisioned - Name: Installing a cluster into an existing VPC diff --git a/installing/installing_aws/installing-aws-account.adoc b/installing/installing_aws/installing-aws-account.adoc index dd13472620..670a73d022 100644 --- a/installing/installing_aws/installing-aws-account.adoc +++ b/installing/installing_aws/installing-aws-account.adoc @@ -39,5 +39,4 @@ include::modules/installation-aws-regions.adoc[leveloffset=+1] * Install an {product-title} cluster: ** xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Quickly install a cluster] with default options on installer-provisioned infrastructure ** xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] -** xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Install a cluster with network customizations on installer-provisioned infrastructure] ** xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] \ No newline at end of file diff --git a/installing/installing_aws/ipi/installing-aws-customizations.adoc b/installing/installing_aws/ipi/installing-aws-customizations.adoc index 0ce90f1e86..148be4844c 100644 --- a/installing/installing_aws/ipi/installing-aws-customizations.adoc +++ b/installing/installing_aws/ipi/installing-aws-customizations.adoc @@ -1,16 +1,17 @@ :_mod-docs-content-type: ASSEMBLY [id="installing-aws-customizations"] -= Installing a cluster on AWS with customizations += Installing a cluster on {aws-short} with customizations include::_attributes/common-attributes.adoc[] :context: installing-aws-customizations :platform: AWS toc::[] -In {product-title} version {product-version}, you can install a customized -cluster on infrastructure that the installation program provisions on -Amazon Web Services (AWS). To customize the installation, you modify -parameters in the `install-config.yaml` file before you install the cluster. +In {product-title} version {product-version}, you can install a cluster on {aws-first} by using installer-provisioned infrastructure with customizations, including network configuration options. In each, you modify parameters in the `install-config.yaml` file before you install the cluster. + +By customizing your network configuration, your cluster can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. + +You must set most of the network configuration parameters during installation, and you can modify only `kubeProxy` configuration parameters in a running cluster. [NOTE] ==== @@ -25,18 +26,20 @@ The scope of the {product-title} installation configurations is intentionally na + [IMPORTANT] ==== -If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program. +If you have an {aws-short} profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current {aws-short} credentials to create {aws-short} resources for the entire life of the cluster, so you must use long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the {aws-short} documentation. You can supply the keys when you run the installation program. ==== * If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. include::modules/installation-aws-marketplace-subscribe.adoc[leveloffset=+1] +include::modules/nw-network-config.adoc[leveloffset=+1] + include::modules/installation-initializing.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for {aws-short}] include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] @@ -54,7 +57,7 @@ include::modules/installation-aws-config-yaml-customizations.adoc[leveloffset=+2 [role="_additional-resources"] .Additional resources -* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for AWS] +* xref:../../../installing/installing_aws/installation-config-parameters-aws.adoc#installation-config-parameters-aws[Installation configuration parameters for {aws-short}] include::modules/installation-configure-proxy.adoc[leveloffset=+2] @@ -65,14 +68,14 @@ By default, administrator secrets are stored in the `kube-system` project. If yo * To manage long-term cloud credentials manually, follow the procedure in xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[Manually creating long-term credentials]. -* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an AWS cluster to use short-term credentials]. +* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-with-short-term-creds_installing-aws-customizations[Configuring an {aws-short} cluster to use short-term credentials]. //Manually creating long-term credentials include::modules/manually-create-identity-access-management.adoc[leveloffset=+2] //Supertask: Configuring an AWS cluster to use short-term credentials [id="installing-aws-with-short-term-creds_{context}"] -=== Configuring an AWS cluster to use short-term credentials +=== Configuring an {aws-short} cluster to use short-term credentials To install a cluster that is configured to use the AWS Security Token Service (STS), you must configure the CCO utility and create the required AWS resources for your cluster. @@ -81,13 +84,13 @@ include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3] //Task part 2: Creating the required AWS resources [id="sts-mode-create-aws-resources-ccoctl_{context}"] -==== Creating AWS resources with the Cloud Credential Operator utility +==== Creating {aws-short} resources with the Cloud Credential Operator utility -You have the following options when creating AWS resources: +You have the following options when creating {aws-short} resources: -* You can use the `ccoctl aws create-all` command to create the AWS resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating AWS resources with a single command]. +* You can use the `ccoctl aws create-all` command to create the {aws-short} resources automatically. This is the quickest way to create the resources. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-at-once_installing-aws-customizations[Creating {aws-short} resources with a single command]. -* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the AWS resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating AWS resources individually]. +* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create AWS resources automatically does not meet the requirements of your organization, you can create the {aws-short} resources individually. See xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-creating-individually_installing-aws-customizations[Creating {aws-short} resources individually]. //Task part 2a: Creating the required AWS resources all at once include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4] @@ -98,6 +101,19 @@ include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+4] //Task part 3: Incorporating the Cloud Credential Operator utility manifests include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3] +// Network Operator specific configuration +include::modules/nw-operator-cr.adoc[leveloffset=+1] +include::modules/nw-modifying-operator-install-config.adoc[leveloffset=+1] + +[NOTE] +==== +For more information on using a Network Load Balancer (NLB) on {aws-short}, see xref:../../../networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc#nw-configuring-ingress-cluster-traffic-aws-network-load-balancer_configuring-ingress-cluster-traffic-aws[Configuring Ingress cluster traffic on {aws-short} using a Network Load Balancer]. +==== + +include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+1] + +include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] + include::modules/installation-launching-installer.adoc[leveloffset=+1] include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] diff --git a/installing/installing_aws/preparing-to-install-on-aws.adoc b/installing/installing_aws/preparing-to-install-on-aws.adoc index 20bce2ba4a..16779907d2 100644 --- a/installing/installing_aws/preparing-to-install-on-aws.adoc +++ b/installing/installing_aws/preparing-to-install-on-aws.adoc @@ -15,9 +15,7 @@ You can install a cluster on AWS infrastructure that is provisioned by the {prod * **xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Installing a cluster quickly on AWS]**: You can install {product-title} on AWS infrastructure that is provisioned by the {product-title} installation program. You can install a cluster quickly by using the default configuration options. -* **xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS]**: You can install a customized cluster on AWS infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. - -* **xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]**: You can customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. +* **xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a customized cluster on AWS]**: You can install a customized cluster on AWS infrastructure that the installation program provisions. You can also customize your {product-title} network configuration during installation, so that your cluster can coexist with your existing IP address allocations and adhere to your network requirements. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. * **xref:../../installing/installing_aws/ipi/installing-restricted-networks-aws-installer-provisioned.adoc#installing-restricted-networks-aws-installer-provisioned[Installing a cluster on AWS in a restricted network]**: You can install {product-title} on AWS on installer-provisioned infrastructure by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. diff --git a/installing/overview/installing-preparing.adoc b/installing/overview/installing-preparing.adoc index 7eead540ba..a72e92f9dc 100644 --- a/installing/overview/installing-preparing.adoc +++ b/installing/overview/installing-preparing.adoc @@ -58,7 +58,7 @@ You can deploy an installer-provisioned infrastructure cluster without specifyin If you need to perform basic configuration for your installer-provisioned infrastructure cluster, such as the instance type for the cluster machines, you can customize an installation for xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[AWS], xref:../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-customizations[Azure], xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-customizations[GCP], xref:../../installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc#installing-nutanix-installer-provisioned[Nutanix]. -For installer-provisioned infrastructure installations, you can use an existing xref:../../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[AWS], xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. +For installer-provisioned infrastructure installations, you can use an existing xref:../../installing/installing_aws/ipi/installing-aws-vpc.adoc#installing-aws-vpc[VPC in AWS], xref:../../installing/installing_azure/ipi/installing-azure-vnet.adoc#installing-azure-vnet[vNet in Azure], or xref:../../installing/installing_gcp/installing-gcp-vpc.adoc#installing-gcp-vpc[VPC in GCP]. You can also reuse part of your networking infrastructure so that your cluster in xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[AWS], xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Azure], xref:../../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[GCP] can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations. If you have existing accounts and credentials on these clouds, you can re-use them, but you might need to modify the accounts to have the required permissions to install {product-title} clusters on them. You can use the installer-provisioned infrastructure method to create appropriate machine instances on your hardware for xref:../../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned.adoc#installing-vsphere-installer-provisioned[vSphere], and xref:../../installing/installing_bare_metal/ipi/ipi-install-overview.adoc#ipi-install-overview[bare metal]. Additionally, for xref:../../installing/installing_vsphere/ipi/installing-vsphere-installer-provisioned-customizations.adoc#installing-vsphere-installer-provisioned-customizations[vSphere], you can also customize additional network parameters during installation. @@ -176,8 +176,8 @@ ifndef::openshift-origin[] |Network customization -|xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] -|xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] +|xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] +|xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] |xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../../installing/installing_azure_stack_hub/ipi/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] @@ -336,7 +336,7 @@ ifdef::openshift-origin[] | |Network customization -|xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[✓] +|xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[✓] |xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[✓] |xref:../../installing/installing_azure_stack_hub/ipi/installing-azure-stack-hub-network-customizations.adoc#installing-azure-stack-hub-network-customizations[✓] |xref:../../installing/installing_gcp/installing-gcp-network-customizations.adoc#installing-gcp-network-customizations[✓] diff --git a/modules/cco-ccoctl-configuring.adoc b/modules/cco-ccoctl-configuring.adoc index 7e34cbc303..9a4b03a235 100644 --- a/modules/cco-ccoctl-configuring.adoc +++ b/modules/cco-ccoctl-configuring.adoc @@ -11,7 +11,6 @@ // // AWS assemblies: // * installing/installing_aws/installing-aws-customizations.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-private.adoc @@ -59,9 +58,6 @@ endif::[] ifeval::["{context}" == "installing-aws-customizations"] :aws-sts: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:aws-sts: -endif::[] ifeval::["{context}" == "installing-restricted-networks-aws-installer-provisioned"] :aws-sts: endif::[] @@ -279,9 +275,6 @@ endif::[] ifeval::["{context}" == "installing-aws-customizations"] :!aws-sts: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:!aws-sts: -endif::[] ifeval::["{context}" == "installing-restricted-networks-aws-installer-provisioned"] :!aws-sts: endif::[] diff --git a/modules/cco-ccoctl-creating-at-once.adoc b/modules/cco-ccoctl-creating-at-once.adoc index f2f2ed5898..9345269bdc 100644 --- a/modules/cco-ccoctl-creating-at-once.adoc +++ b/modules/cco-ccoctl-creating-at-once.adoc @@ -2,7 +2,6 @@ // // AWS assemblies: // * installing/installing_aws/installing-aws-customizations.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-private.adoc @@ -31,7 +30,7 @@ ifeval::["{context}" == "installing-aws-customizations"] :aws-sts: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] +ifeval::["{context}" == "installing-aws-customizations"] :aws-sts: endif::[] ifeval::["{context}" == "installing-restricted-networks-aws-installer-provisioned"] @@ -227,7 +226,7 @@ $ ccoctl azure create-all \ --subscription-id= \// <4> --credentials-requests-dir= \// <5> --dnszone-resource-group-name= \// <6> - --tenant-id= \// <7> + --tenant-id= \// <7> --network-resource-group-name <8> ---- <1> Specify the user-defined name for all created Azure resources used for tracking. diff --git a/modules/cco-ccoctl-creating-individually.adoc b/modules/cco-ccoctl-creating-individually.adoc index 5c0e7078e0..50ffa7ebfc 100644 --- a/modules/cco-ccoctl-creating-individually.adoc +++ b/modules/cco-ccoctl-creating-individually.adoc @@ -2,7 +2,6 @@ // // AWS assemblies: // * installing/installing_aws/installing-aws-customizations.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-private.adoc diff --git a/modules/cco-ccoctl-install-creating-manifests.adoc b/modules/cco-ccoctl-install-creating-manifests.adoc index af24e2d55f..2ef384b5ee 100644 --- a/modules/cco-ccoctl-install-creating-manifests.adoc +++ b/modules/cco-ccoctl-install-creating-manifests.adoc @@ -2,7 +2,6 @@ // // AWS assemblies: // * installing/installing_aws/installing-aws-customizations.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-private.adoc diff --git a/modules/cli-installing-cli.adoc b/modules/cli-installing-cli.adoc index 4389607c06..37900f2bb3 100644 --- a/modules/cli-installing-cli.adoc +++ b/modules/cli-installing-cli.adoc @@ -7,7 +7,6 @@ // * installing/installing_aws/installing-aws-china.adoc // * installing/installing_aws/installing-aws-government-region.adoc // * installing/installing_aws/installing-aws-secret-region.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-private.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-localzone.adoc diff --git a/modules/cli-logging-in-kubeadmin.adoc b/modules/cli-logging-in-kubeadmin.adoc index 2819b6901b..2f0d9ed3a7 100644 --- a/modules/cli-logging-in-kubeadmin.adoc +++ b/modules/cli-logging-in-kubeadmin.adoc @@ -6,7 +6,6 @@ // * installing/installing_aws/installing-aws-china.adoc // * installing/installing_aws/installing-aws-government-region.adoc // * installing/installing_aws/installing-aws-secret-region.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-private.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing-aws-localzone.adoc diff --git a/modules/cluster-entitlements.adoc b/modules/cluster-entitlements.adoc index bc2cc6eb18..45e989ead7 100644 --- a/modules/cluster-entitlements.adoc +++ b/modules/cluster-entitlements.adoc @@ -29,7 +29,6 @@ // * installing/installing_azure/installing-azure-government-region.adoc // * installing/installing_azure/installing-azure-customizations.adoc // * installing/installing_azure/installing-azure-private.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-user-infra.adoc // * installing/installing_aws/installing-restricted-networks-aws.adoc // * installing/installing_aws/installing-aws-customizations.adoc diff --git a/modules/cluster-telemetry.adoc b/modules/cluster-telemetry.adoc index 84b2e3f306..3f9b944bff 100644 --- a/modules/cluster-telemetry.adoc +++ b/modules/cluster-telemetry.adoc @@ -23,7 +23,6 @@ // * installing/installing_azure/installing-azure-government-region.adoc // * installing/installing_azure/installing-azure-customizations.adoc // * installing/installing_azure/installing-azure-private.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-user-infra.adoc // * installing/installing_aws/installing-restricted-networks-aws.adoc // * installing/installing_aws/installing-aws-customizations.adoc diff --git a/modules/configuring-hybrid-ovnkubernetes.adoc b/modules/configuring-hybrid-ovnkubernetes.adoc index 290307695d..01114ed4dd 100644 --- a/modules/configuring-hybrid-ovnkubernetes.adoc +++ b/modules/configuring-hybrid-ovnkubernetes.adoc @@ -1,6 +1,5 @@ // Module included in the following assemblies: // -// * installing/installing_aws/ipi/installing-aws-network-customizations.adoc // * installing/installing_azure/installing-azure-network-customizations.adoc // * installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc // * networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc @@ -15,139 +14,13 @@ endif::[] You can configure your cluster to use hybrid networking with the OVN-Kubernetes network plugin. This allows a hybrid cluster that supports different node networking configurations. -//// -Hiding until WMCO 10.19.0 GAs. Swap the two sections after WMCO GA. + [NOTE] ==== This configuration is necessary to run both Linux and Windows nodes in the same cluster. ==== -//// - -ifndef::post-install[] -.Prerequisites - -// Made changes to hide Windows-related material until WMCO 4.19.0 releases. The full procedure is below, commented out. - -* You defined `OVNKubernetes` for the `networking.networkType` parameter in the `install-config.yaml` file. See the installation documentation for configuring {product-title} network customizations on your chosen cloud provider for more information. - -.Procedure - -. Change to the directory that contains the installation program and create the manifests: -+ -[source,terminal] ----- -$ ./openshift-install create manifests --dir ----- -+ --- -where: - -``:: Specifies the name of the directory that contains the `install-config.yaml` file for your cluster. --- - -. Create a stub manifest file for the advanced network configuration that is named `cluster-network-03-config.yml` in the `/manifests/` directory: -+ -[source,terminal] ----- -$ cat < /manifests/cluster-network-03-config.yml -apiVersion: operator.openshift.io/v1 -kind: Network -metadata: - name: cluster -spec: -EOF ----- -+ --- -where: - -``:: Specifies the directory name that contains the -`manifests/` directory for your cluster. --- - -. Open the `cluster-network-03-config.yml` file in an editor and configure OVN-Kubernetes with hybrid networking, as in the following example: -+ --- -.Specify a hybrid networking configuration -[source,yaml] ----- -apiVersion: operator.openshift.io/v1 -kind: Network -metadata: - name: cluster -spec: - defaultNetwork: - ovnKubernetesConfig: - hybridOverlayConfig: - hybridClusterNetwork: <1> - - cidr: 10.132.0.0/14 - hostPrefix: 23 ----- -<1> Specify the CIDR configuration used for nodes on the additional overlay network. The `hybridClusterNetwork` CIDR must not overlap with the `clusterNetwork` CIDR. --- - -. Save the `cluster-network-03-config.yml` file and quit the text editor. -. Optional: Back up the `manifests/cluster-network-03-config.yml` file. The -installation program deletes the `manifests/` directory when creating the -cluster. -endif::post-install[] -ifdef::post-install[] -.Prerequisites - -* Install the OpenShift CLI (`oc`). -* Log in to the cluster as a user with `cluster-admin` privileges. -* Ensure that the cluster uses the OVN-Kubernetes network plugin. - -.Procedure -. To configure the OVN-Kubernetes hybrid network overlay, enter the following command: -+ -[source,terminal] ----- -$ oc patch networks.operator.openshift.io cluster --type=merge \ - -p '{ - "spec":{ - "defaultNetwork":{ - "ovnKubernetesConfig":{ - "hybridOverlayConfig":{ - "hybridClusterNetwork":[ - { - "cidr": "", - "hostPrefix": - } - ] - } - } - } - } - }' ----- -+ --- -where: - -`cidr`:: Specify the CIDR configuration used for nodes on the additional overlay network. This CIDR must not overlap with the cluster network CIDR. -`hostPrefix`:: Specifies the subnet prefix length to assign to each individual node. For example, if `hostPrefix` is set to `23`, then each node is assigned a `/23` subnet out of the given `cidr`, which allows for 510 (2^(32 - 23) - 2) pod IP addresses. If you are required to provide access to nodes from an external network, configure load balancers and routers to manage the traffic. --- -+ -.Example output -[source,text] ----- -network.operator.openshift.io/cluster patched ----- - -. To confirm that the configuration is active, enter the following command. It can take several minutes for the update to apply. -+ -[source,terminal] ----- -$ oc get network.operator.openshift.io -o jsonpath="{.items[0].spec.defaultNetwork.ovnKubernetesConfig}" ----- - -endif::post-install[] - -//// -Hiding until WMCO 10.19.0 GAs. Swap the two sections after WMCO GA. ifndef::post-install[] .Prerequisites @@ -208,18 +81,16 @@ spec: hybridOverlayVXLANPort: 9898 <2> ---- <1> Specify the CIDR configuration used for nodes on the additional overlay network. The `hybridClusterNetwork` CIDR must not overlap with the `clusterNetwork` CIDR. -<2> Specify a custom VXLAN port for the additional overlay network. This is required for running Windows nodes in a cluster installed on vSphere, and must not be configured for any other cloud provider. The custom port can be any open port excluding the default `4789` port. For more information on this requirement, see the Microsoft documentation on link:https://docs.microsoft.com/en-us/virtualization/windowscontainers/kubernetes/common-problems#pod-to-pod-connectivity-between-hosts-is-broken-on-my-kubernetes-cluster-running-on-vsphere[Pod-to-pod connectivity between hosts is broken]. --- +<2> Specify a custom VXLAN port for the additional overlay network. This is required for running Windows nodes in a cluster installed on vSphere, and must not be configured for any other cloud provider. The custom port can be any open port excluding the default `4789` port. For more information on this requirement, see link:https://docs.microsoft.com/en-us/virtualization/windowscontainers/kubernetes/common-problems#pod-to-pod-connectivity-between-hosts-is-broken-on-my-kubernetes-cluster-running-on-vsphere[Pod-to-pod connectivity between hosts is broken] in the Microsoft documentation. + [NOTE] ==== Windows Server Long-Term Servicing Channel (LTSC): Windows Server 2019 is not supported on clusters with a custom `hybridOverlayVXLANPort` value because this Windows server version does not support selecting a custom VXLAN port. ==== +-- . Save the `cluster-network-03-config.yml` file and quit the text editor. -. Optional: Back up the `manifests/cluster-network-03-config.yml` file. The -installation program deletes the `manifests/` directory when creating the -cluster. +. Optional: Back up the `manifests/cluster-network-03-config.yml` file. The installation program deletes the `manifests/` directory when creating the cluster. endif::post-install[] ifdef::post-install[] .Prerequisites @@ -260,7 +131,7 @@ where: `cidr`:: Specify the CIDR configuration used for nodes on the additional overlay network. This CIDR must not overlap with the cluster network CIDR. `hostPrefix`:: Specifies the subnet prefix length to assign to each individual node. For example, if `hostPrefix` is set to `23`, then each node is assigned a `/23` subnet out of the given `cidr`, which allows for 510 (2^(32 - 23) - 2) pod IP addresses. If you are required to provide access to nodes from an external network, configure load balancers and routers to manage the traffic. -`hybridOverlayVXLANPort`:: Specify a custom VXLAN port for the additional overlay network. This is required for running Windows nodes in a cluster installed on vSphere, and must not be configured for any other cloud provider. The custom port can be any open port excluding the default `4789` port. For more information on this requirement, see the Microsoft documentation on link:https://docs.microsoft.com/en-us/virtualization/windowscontainers/kubernetes/common-problems#pod-to-pod-connectivity-between-hosts-is-broken-on-my-kubernetes-cluster-running-on-vsphere[Pod-to-pod connectivity between hosts is broken]. +`hybridOverlayVXLANPort`:: Specify a custom VXLAN port for the additional overlay network. This is required for running Windows nodes in a cluster installed on vSphere, and must not be configured for any other cloud provider. The custom port can be any open port excluding the default `4789` port. For more information on this requirement, see link:https://docs.microsoft.com/en-us/virtualization/windowscontainers/kubernetes/common-problems#pod-to-pod-connectivity-between-hosts-is-broken-on-my-kubernetes-cluster-running-on-vsphere[Pod-to-pod connectivity between hosts is broken] in the Microsoft documentation. [NOTE] ==== @@ -281,8 +152,6 @@ network.operator.openshift.io/cluster patched $ oc get network.operator.openshift.io -o jsonpath="{.items[0].spec.defaultNetwork.ovnKubernetesConfig}" ---- endif::post-install[] -//// - ifdef::post-install[] :!post-install: endif::[] diff --git a/modules/installation-aws-arm-tested-machine-types.adoc b/modules/installation-aws-arm-tested-machine-types.adoc index 7e335701e3..7450b6686e 100644 --- a/modules/installation-aws-arm-tested-machine-types.adoc +++ b/modules/installation-aws-arm-tested-machine-types.adoc @@ -3,7 +3,6 @@ // installing/installing_aws/installing-aws-china.adoc // installing/installing_aws/installing-aws-customizations.adoc // installing/installing_aws/installing-aws-government-region.adoc -// installing/installing_aws/installing-aws-network-customizations.adoc // installing/installing_aws/installing-aws-private.adoc // installing/installing_aws/installing-aws-user-infra.adoc // installing/installing_aws/installing-aws-vpc.adoc diff --git a/modules/installation-aws-tested-machine-types.adoc b/modules/installation-aws-tested-machine-types.adoc index 6213bdaf96..c21d061a59 100644 --- a/modules/installation-aws-tested-machine-types.adoc +++ b/modules/installation-aws-tested-machine-types.adoc @@ -3,7 +3,6 @@ // installing/installing_aws/installing-aws-china.adoc // installing/installing_aws/installing-aws-customizations.adoc // installing/installing_aws/installing-aws-government-region.adoc -// installing/installing_aws/installing-aws-network-customizations.adoc // installing/installing_aws/installing-aws-private.adoc // installing/installing_aws/installing-aws-secret-region.adoc // installing/installing_aws/installing-aws-user-infra.adoc diff --git a/modules/installation-configure-proxy.adoc b/modules/installation-configure-proxy.adoc index 61ceb57fcc..153095efe8 100644 --- a/modules/installation-configure-proxy.adoc +++ b/modules/installation-configure-proxy.adoc @@ -1,7 +1,6 @@ // Module included in the following assemblies: // // * installing/installing_aws/installing_aws-customizations.adoc -// * installing/installing_aws/installing_aws-network-customizations.adoc // * installing/installing_aws/installing_aws-private.adoc // * installing/installing_aws/installing_aws-vpc.adoc // * installing/installing_aws/installing_aws-china.adoc @@ -69,9 +68,6 @@ endif::[] ifeval::["{context}" == "installing-aws-specialized-region"] :aws: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:aws: -endif::[] ifeval::["{context}" == "installing-aws-private"] :aws: endif::[] @@ -237,9 +233,6 @@ endif::[] ifeval::["{context}" == "installing-aws-customizations"] :!aws: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:!aws: -endif::[] ifeval::["{context}" == "installing-aws-private"] :!aws: endif::[] diff --git a/modules/installation-initializing.adoc b/modules/installation-initializing.adoc index 0fe4942e44..3cffcb04b4 100644 --- a/modules/installation-initializing.adoc +++ b/modules/installation-initializing.adoc @@ -1,7 +1,6 @@ // Module included in the following assemblies: // // * installing/installing_aws/installing-aws-customizations.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc // * installing/installing_aws/installing-aws-outposts-remote-workers.adoc @@ -42,9 +41,6 @@ ifeval::["{context}" == "installing-aws-customizations"] :aws: :three-node-cluster: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:aws: -endif::[] ifeval::["{context}" == "installing-aws-vpc"] :aws: endif::[] @@ -661,9 +657,6 @@ ifeval::["{context}" == "installing-aws-customizations"] :!aws: :!three-node-cluster: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:!aws: -endif::[] ifeval::["{context}" == "installing-aws-vpc"] :!aws: endif::[] diff --git a/modules/installation-launching-installer.adoc b/modules/installation-launching-installer.adoc index e6fa0bb1ce..1027eaae42 100644 --- a/modules/installation-launching-installer.adoc +++ b/modules/installation-launching-installer.adoc @@ -3,7 +3,6 @@ // * installing/installing_aws/installing-aws-customizations.adoc // * installing/installing_aws/installing-aws-default.adoc // * installing/installing_aws/installing-aws-government-region.adoc -// * installing/installing_aws/installing-aws-network-customizations.adoc // * installing/installing_aws/installing-aws-private.adoc // * installing/installing_aws/installing-aws-vpc.adoc // * installing/installing_aws/installing-aws-specialized-region.adoc @@ -70,10 +69,6 @@ ifeval::["{context}" == "installing-aws-secret-region"] :custom-config: :aws: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:custom-config: -:aws: -endif::[] ifeval::["{context}" == "installing-aws-vpc"] :custom-config: :aws: @@ -553,10 +548,6 @@ ifeval::["{context}" == "installing-aws-specialized-region"] :!custom-config: :!aws: endif::[] -ifeval::["{context}" == "installing-aws-network-customizations"] -:!custom-config: -:!aws: -endif::[] ifeval::["{context}" == "installing-aws-vpc"] :!custom-config: :!aws: diff --git a/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc index cfd33adeb9..25fdd801e8 100644 --- a/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc +++ b/networking/ingress_load_balancing/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-aws.adoc @@ -35,7 +35,7 @@ include::modules/nw-aws-nlb-existing-cluster.adoc[leveloffset=+2] [IMPORTANT] ==== -Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installation-initializing_installing-aws-network-customizations[Creating the installation configuration file] procedure. +Before you can configure an Ingress Controller NLB on a new AWS cluster, you must complete the xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installation-initializing_installing-aws-customizations[Creating the installation configuration file] procedure. ==== include::modules/nw-aws-nlb-new-cluster.adoc[leveloffset=+2] @@ -50,6 +50,6 @@ include::modules/nw-ingress-aws-static-eip-nlb-configuration.adoc[leveloffset=+2 [id="additional-resources_configuring-ingress-cluster-traffic-aws"] == Additional resources -* xref:../../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations]. +* xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with network customizations]. * For more information on support for NLBs, see link:https://kubernetes.io/docs/concepts/services-networking/service/#aws-nlb-support[Network Load Balancer support on AWS]. * For more information on proxy protocol support for CLBs, see link:https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html[Configure proxy protocol support for your Classic Load Balancer] diff --git a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc index c908375cb5..9b3687ccfd 100644 --- a/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc +++ b/networking/ovn_kubernetes_network_provider/configuring-hybrid-networking.adoc @@ -14,10 +14,5 @@ include::modules/configuring-hybrid-ovnkubernetes.adoc[leveloffset=+1] [id="configuring-hybrid-networking-additional-resources"] == Additional resources -//// -Hiding until WMCO 10.19.0 GAs -* ../../windows_containers/understanding-windows-container-workloads.adoc#understanding-windows-container-workloads[Understanding Windows container workloads] -* ../../windows_containers/enabling-windows-container-workloads.adoc#enabling-windows-container-workloads[Enabling Windows container workloads] -//// -* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[Installing a cluster on AWS with network customizations] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Installing a cluster on AWS with network customizations] * xref:../../installing/installing_azure/ipi/installing-azure-network-customizations.adoc#installing-azure-network-customizations[Installing a cluster on Azure with network customizations] diff --git a/post_installation_configuration/cluster-tasks.adoc b/post_installation_configuration/cluster-tasks.adoc index 1d0c692fbe..6fd1591d7d 100644 --- a/post_installation_configuration/cluster-tasks.adoc +++ b/post_installation_configuration/cluster-tasks.adoc @@ -154,7 +154,7 @@ xref:../networking/networking_operators/dns-operator.adoc#nw-dns-operator-status |`network.config.openshift.io` |`cluster` |You cannot modify your cluster networking after installation. To customize your network, follow the process to -xref:../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#installing-aws-network-customizations[customize networking during installation]. +xref:../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[customize networking during installation]. |=== diff --git a/scalability_and_performance/optimization/optimizing-networking.adoc b/scalability_and_performance/optimization/optimizing-networking.adoc index 4d8a28b7f1..ba1645ecce 100644 --- a/scalability_and_performance/optimization/optimizing-networking.adoc +++ b/scalability_and_performance/optimization/optimizing-networking.adoc @@ -41,7 +41,7 @@ include::modules/ipsec-impact-networking.adoc[leveloffset=+1] [id="optimizing-networking-additional-resources"] == Additional resources -* xref:../../installing/installing_aws/ipi/installing-aws-network-customizations.adoc#modifying-nwoperator-config-startup_installing-aws-network-customizations[Specifying advanced network configuration] +* xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#modifying-nwoperator-config-startup_installing-aws-customizations[Specifying advanced network configuration] * xref:../../networking/networking_operators/cluster-network-operator.adoc#nw-operator-cr_cluster-network-operator[Cluster Network Operator configuration]