mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
OSDOCS-16842-3: CQA for NOP-1 AWS Load Balancer Operator (ALBO)
This commit is contained in:
dfitzmau
committed by
openshift-cherrypick-robot
openshift-cherrypick-robot
parent
71c3f8803d
commit
9ed034c2f3
@@ -6,12 +6,12 @@ include::_attributes/common-attributes.adoc[]
|
||||
|
||||
toc::[]
|
||||
|
||||
You can install the {aws-first} Load Balancer Operator on a cluster that uses the {sts-first}. Follow these steps to prepare your cluster before installing the Operator.
|
||||
[role="_abstract"]
|
||||
To install the {aws-first} Load Balancer Operator on a cluster that uses the {sts-first}, prepare the cluster by configuring the `CredentialsRequest` object. This ensures the Operator can bootstrap the {aws-short} Load Balancer Controller and access the required secrets.
|
||||
|
||||
The {aws-short} Load Balancer Operator relies on the `CredentialsRequest` object to bootstrap the Operator and the {aws-short} Load Balancer Controller. The {aws-short} Load Balancer Operator waits until the required secrets are created and available.
|
||||
The {aws-short} Load Balancer Operator waits until the required secrets are created and available.
|
||||
|
||||
[id="{context}_prerequisites"]
|
||||
== Prerequisites
|
||||
Before you start any {sts-first} procedures, ensure that you meet the following prerequisites:
|
||||
|
||||
* You installed the {oc-first}.
|
||||
|
||||
@@ -26,23 +26,22 @@ $ oc get infrastructure cluster -o=jsonpath="{.status.infrastructureName}"
|
||||
+
|
||||
[source,terminal]
|
||||
----
|
||||
$ oc get authentication.config cluster -o=jsonpath="{.spec.serviceAccountIssuer}" <1>
|
||||
$ oc get authentication.config cluster -o=jsonpath="{.spec.serviceAccountIssuer}"
|
||||
----
|
||||
<1> An OIDC DNS example is `\https://rh-oidc.s3.us-east-1.amazonaws.com/28292va7ad7mr9r4he1fb09b14t59t4f`.
|
||||
+
|
||||
where:
|
||||
+
|
||||
`{.spec.serviceAccountIssuer}`:: Specifies an OIDC DNS URL. An example URL is `\https://rh-oidc.s3.us-east-1.amazonaws.com/28292va7ad7mr9r4he1fb09b14t59t4f`.
|
||||
|
||||
* You logged into the {aws-short} Web Console, navigated to *IAM* -> *Access management* -> *Identity providers*, and located the OIDC Amazon Resource Name (ARN) information. An OIDC ARN example is `arn:aws:iam::777777777777:oidc-provider/<oidc_dns_url>`.
|
||||
* You logged into the {aws-short} management console, navigated to *IAM* -> *Access management* -> *Identity providers*, and located the OIDC Amazon Resource Name (ARN) information. An OIDC ARN example is `arn:aws:iam::777777777777:oidc-provider/<oidc_dns_url>`.
|
||||
|
||||
[id="creating-iam-role-albo-operator_{context}"]
|
||||
== Creating an IAM role for the AWS Load Balancer Operator
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
An additional {aws-first} Identity and Access Management (IAM) role is required to successfully install the {aws-short} Load Balancer Operator on a cluster that uses {sts-short}. The IAM role is required to interact with subnets and Virtual Private Clouds (VPCs). The {aws-short} Load Balancer Operator generates the `CredentialsRequest` object with the IAM role to bootstrap itself.
|
||||
* xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)]
|
||||
|
||||
You can create the IAM role by using the following options:
|
||||
|
||||
* Using xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object.
|
||||
* Using the {aws-short} CLI and predefined {aws-short} manifests.
|
||||
|
||||
Use the {aws-short} CLI if your environment does not support the `ccoctl` command.
|
||||
// The IAM role for the AWS Load Balancer Operator
|
||||
include::modules/the-iam-role-albo-operator.adoc[leveloffset=+1]
|
||||
|
||||
// Creating an AWS IAM role by using the Cloud Credential Operator utility
|
||||
include::modules/using-ccoctl-create-iam-role-alb-operator.adoc[leveloffset=+2]
|
||||
@@ -53,17 +52,13 @@ include::modules/using-aws-cli-create-iam-role-alb-operator.adoc[leveloffset=+2]
|
||||
// Configuring the ARN role for the AWS Load Balancer Operator
|
||||
include::modules/specifying-role-arn-albo-sts.adoc[leveloffset=+1]
|
||||
|
||||
[id="creating-iam-role-albo-controller_{context}"]
|
||||
== Creating an IAM role for the AWS Load Balancer Controller
|
||||
// The IAM role for the AWS Load Balancer Controller
|
||||
include::modules/the-iam-role-albo-controller.adoc[leveloffset=+1]
|
||||
|
||||
The `CredentialsRequest` object for the {aws-short} Load Balancer Controller must be set with a manually provisioned IAM role.
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
You can create the IAM role by using the following options:
|
||||
|
||||
* Using xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)] and a predefined `CredentialsRequest` object.
|
||||
* Using the {aws-short} CLI and predefined {aws-short} manifests.
|
||||
|
||||
Use the {aws-short} CLI if your environment does not support the `ccoctl` command.
|
||||
* xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[the Cloud Credential Operator utility (`ccoctl`)]
|
||||
|
||||
// Creating an AWS IAM role for the controller by using the Cloud Credential Operator utility
|
||||
include::modules/using-ccoctl-create-iam-role-alb-controller.adoc[leveloffset=+2]
|
||||
@@ -72,5 +67,7 @@ include::modules/using-ccoctl-create-iam-role-alb-controller.adoc[leveloffset=+2
|
||||
include::modules/using-aws-cli-create-iam-role-alb-controller.adoc[leveloffset=+2]
|
||||
|
||||
[role="_additional-resources"]
|
||||
[id="additional-resources-albo-sts-cluster_{context}"]
|
||||
== Additional resources
|
||||
|
||||
* xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#cco-ccoctl-configuring_installing-aws-customizations[Configuring the Cloud Credential Operator utility]
|
||||
|
||||
@@ -6,7 +6,8 @@ include::_attributes/common-attributes.adoc[]
|
||||
|
||||
toc::[]
|
||||
|
||||
The AWS Load Balancer Operator deploys and manages the AWS Load Balancer Controller. You can install the AWS Load Balancer Operator from the software catalog by using {product-title} web console or CLI.
|
||||
[role="_abstract"]
|
||||
To deploy and manage the AWS Load Balancer Controller, install the AWS Load Balancer Operator from the software catalog by using the {product-title} web console or CLI. You can use the Operator to integrate AWS load balancers directly into your cluster infrastructure.
|
||||
|
||||
include::modules/nw-aws-load-balancer-operator-considerations.adoc[leveloffset=+1]
|
||||
|
||||
|
||||
Reference in New Issue
Block a user