diff --git a/_topic_maps/_topic_map_rosa.yml b/_topic_maps/_topic_map_rosa.yml index 4506e53968..fb07d01b37 100644 --- a/_topic_maps/_topic_map_rosa.yml +++ b/_topic_maps/_topic_map_rosa.yml @@ -29,21 +29,67 @@ Topics: - Name: Welcome File: index --- -Name: ROSA architecture +Name: Introduction to ROSA Dir: rosa_architecture Distros: openshift-rosa Topics: -- Name: Introduction to ROSA +- Name: Understanding ROSA File: rosa-understanding - Name: Architecture models File: rosa-architecture-models - Name: Architecture concepts File: rosa-basic-architecture-concepts +- Name: ROSA service definition + File: rosa-service-definition +- Name: Responsibility assignment matrix + File: rosa-policy-responsibility-matrix +- Name: Understanding the ROSA with STS deployment workflow + File: rosa-sts-getting-started-workflow +- Name: Understanding process and security for ROSA + File: rosa-policy-process-security +- Name: About availability for ROSA + File: rosa-policy-understand-availability +- Name: ROSA update life cycle + File: rosa-life-cycle +- Name: Support for ROSA + File: rosa-getting-support +# - Name: Training for ROSA +# File: rosa-training --- -Name: Planning, limits, and scalability +Name: ROSA CLI tools +Dir: rosa_cli +Distros: openshift-rosa +Topics: +# - Name: CLI and web console +# File: rosa-cli-penshift-console +- Name: Getting started with the rosa CLI + File: rosa-get-started-cli +- Name: Managing objects with the rosa CLI + File: rosa-manage-objects-cli +- Name: Checking account and version information with the rosa CLI + File: rosa-checking-acct-version-cli +- Name: Checking logs with the rosa CLI + File: rosa-checking-logs-cli +--- +Name: Red Hat OpenShift Cluster Manager +Dir: ocm +Distros: openshift-rosa +Topics: +- Name: Red Hat OpenShift Cluster Manager + File: ocm-overview +# - Name: Red Hat OpenShift Cluster Manager +# File: ocm-overview +# - Name: Using the OpenShift web console +# File: rosa-using-openshift-console +--- +Name: Prepare your environment Dir: rosa_planning Distros: openshift-rosa Topics: +- Name: AWS prerequisites for ROSA with STS + File: rosa-sts-aws-prereqs +- Name: AWS prerequisites for ROSA + File: rosa-aws-prereqs - Name: Limits and scalability File: rosa-limits-scalability - Name: Planning your environment @@ -55,98 +101,186 @@ Distros: openshift-rosa Topics: - Name: Getting started with ROSA File: rosa-getting-started ---- -Name: Setting up accounts and clusters using AWS Security Token Service (STS) -Dir: rosa_getting_started_sts -Distros: openshift-rosa -Topics: -- Name: Understanding the ROSA with STS deployment workflow - File: rosa-sts-getting-started-workflow -- Name: AWS prerequisites for ROSA with STS - File: rosa-sts-aws-prereqs - Name: Required AWS service quotas File: rosa-sts-required-aws-service-quotas -- Name: Setting up the environment with STS +- Name: Setting up the environment for using STS File: rosa-sts-setting-up-environment -- Name: Creating a ROSA cluster with STS - Dir: rosa_creating_a_cluster_with_sts - Topics: - - Name: Creating a ROSA cluster with STS quickly - File: rosa-sts-creating-a-cluster-quickly - - Name: Creating a ROSA cluster with STS using customizations - File: rosa-sts-creating-a-cluster-with-customizations - - Name: About IAM resources for ROSA with STS - File: rosa-sts-about-iam-resources - - Name: Interactive cluster creation mode reference - File: rosa-sts-interactive-mode-reference +- Name: Creating a ROSA cluster with STS quickly + File: rosa-sts-creating-a-cluster-quickly +- Name: Creating a ROSA cluster with STS using customizations + File: rosa-sts-creating-a-cluster-with-customizations +- Name: About IAM resources for ROSA with STS + File: rosa-sts-about-iam-resources +- Name: Interactive cluster creation mode reference + File: rosa-sts-interactive-mode-reference - Name: Accessing a ROSA cluster File: rosa-sts-accessing-cluster -- Name: Configuring identity providers +- Name: Configuring identity providers using Red Hat OpenShift Cluster Manager File: rosa-sts-config-identity-providers - Name: Revoking access to a ROSA cluster File: rosa-sts-deleting-access-cluster - Name: Deleting a ROSA cluster File: rosa-sts-deleting-cluster +- Name: Deploying ROSA without AWS STS + Dir: rosa_getting_started_iam + Distros: openshift-rosa + Topics: + - Name: Understanding the ROSA deployment workflow + File: rosa-getting-started-workflow + - Name: Required AWS service quotas + File: rosa-required-aws-service-quotas + - Name: Configuring your AWS account + File: rosa-config-aws-account + - Name: Installing ROSA + File: rosa-installing-rosa + - Name: Creating a ROSA cluster + File: rosa-creating-cluster +# - Name: Creating a ROSA cluster using the web console +# File: rosa-creating-cluster-console + - Name: Creating an AWS PrivateLink cluster on ROSA + File: rosa-aws-privatelink-creating-cluster + - Name: Accessing a ROSA cluster + File: rosa-accessing-cluster + - Name: Configuring identity providers using the Red Hat OpenShift Cluster Manager + File: rosa-config-identity-providers + - Name: Deleting access to a ROSA cluster + File: rosa-deleting-access-cluster + - Name: Deleting a ROSA cluster + File: rosa-deleting-cluster + - Name: Command quick reference for creating clusters and users + File: rosa-quickstart --- -Name: Setting up accounts and clusters -Dir: rosa_getting_started +Name: Cluster administration +Dir: rosa_cluster_admin Distros: openshift-rosa Topics: -- Name: Understanding the ROSA deployment workflow - File: rosa-getting-started-workflow -- Name: AWS prerequisites for ROSA - File: rosa-aws-prereqs -- Name: Required AWS service quotas - File: rosa-required-aws-service-quotas -- Name: Configuring your AWS account - File: rosa-config-aws-account -- Name: Installing ROSA - File: rosa-installing-rosa -- Name: Creating a ROSA cluster - File: rosa-creating-cluster -- Name: Creating an AWS PrivateLink cluster on ROSA - File: rosa-aws-privatelink-creating-cluster -- Name: Accessing a ROSA cluster - File: rosa-accessing-cluster -- Name: Configuring identity providers - File: rosa-config-identity-providers -- Name: Deleting access to a ROSA cluster - File: rosa-deleting-access-cluster -- Name: Deleting a ROSA cluster - File: rosa-deleting-cluster -- Name: Command quick reference for creating clusters and users - File: rosa-quickstart +# - Name: Cluster configurations +# File: rosa-cluster-config +# - Name: Cluster authentication +# File: rosa-cluster-auth +# - Name: Authorization and RBAC +# File: rosa-auth-rbac +- Name: Logging + Dir: rosa_logging + Distros: openshift-rosa + Topics: + - Name: Installing the CloudWatch logging service + File: rosa-install-logging + - Name: Viewing cluster logs + File: rosa-viewing-logs +- Name: Monitoring user-defined projects + Dir: rosa_monitoring + Distros: openshift-rosa + Topics: + - Name: Understanding the monitoring stack + File: rosa-understanding-the-monitoring-stack + - Name: Configuring the monitoring stack + File: rosa-configuring-the-monitoring-stack + - Name: Accessing monitoring for user-defined projects + File: rosa-accessing-monitoring-for-user-defined-projects + - Name: Managing metrics + File: rosa-managing-metrics + - Name: Managing alerts + File: rosa-managing-alerts + - Name: Reviewing monitoring dashboards + File: rosa-reviewing-monitoring-dashboards + - Name: Troubleshooting monitoring issues + File: rosa-troubleshooting-monitoring-issues +- Name: Configuring private connections + Dir: cloud_infrastructure_access + Distros: openshift-rosa + Topics: + - Name: Configuring private connections + File: rosa-configuring-private-connections + - Name: Configuring AWS VPC peering + File: dedicated-aws-peering + - Name: Configuring AWS VPN + File: dedicated-aws-vpn + - Name: Configuring AWS Direct Connect + File: dedicated-aws-dc + - Name: Configuring a private cluster + File: rosa-private-cluster +- Name: Nodes + Dir: rosa_nodes + Distros: openshift-rosa + Topics: + - Name: About machine pools + File: rosa-nodes-machinepools-about + - Name: Managing worker nodes + File: rosa-managing-worker-nodes + Distros: openshift-rosa + - Name: About autoscaling nodes on a cluster + File: rosa-nodes-about-autoscaling-nodes --- -Name: Red Hat OpenShift Cluster Manager -Dir: ocm +Name: Cluster security +Dir: authentication Distros: openshift-rosa Topics: -- Name: Red Hat OpenShift Cluster Manager - File: ocm-overview +# - Name: Security +# File: rosa-security +# - Name: Application and cluster compliance +# File: rosa-app-security-compliance +- Name: Managing security context constraints + File: managing-security-context-constraints --- Name: Upgrading Dir: upgrading Distros: openshift-rosa Topics: -- Name: Preparing to upgrade ROSA to 4.9 - File: rosa-upgrading-cluster-prepare - Distros: openshift-rosa +#- Name: Preparing to upgrade ROSA to 4.9 +# File: rosa-upgrading-cluster-prepare +# Distros: openshift-rosa - Name: Upgrading ROSA File: rosa-upgrading - Distros: openshift-rosa - Name: Upgrading ROSA with STS File: rosa-upgrading-sts - Distros: openshift-rosa --- -Name: Add-on services -Dir: adding_service_cluster + Name: Add-on services + Dir: adding_service_cluster + Distros: openshift-rosa + Topics: + - Name: Adding services to a cluster + File: adding-service + - Name: Available services + File: rosa-available-services +--- +Name: Application development +Dir: applications Distros: openshift-rosa Topics: -- Name: Adding services to a cluster - File: adding-service -- Name: Available services - File: rosa-available-services +- Name: Deployments + Dir: deployments Distros: openshift-rosa + Topics: + - Name: Configuring custom domains for applications + File: osd-config-custom-domains-applications +# - Name: Application GitOps workflows +# File: rosa-app-gitops-workflows +# - Name: Application logging +# File: rosa-app-logging +# - Name: Applications +# File: rosa-apps +# - Name: Application metrics and alerts +# File: rosa-app-metrics and alerts +# - Name: Projects +# File: rosa-projects +# - Name: Using the internal registry +# File: rosa-using-internal-registry +--- +Name: Storage and registry +Dir: storage +Distros: openshift-rosa +Topics: +# - Name: Configuring the internal registry +# File: configuring-registry-operator +- Name: Persistent storage + Dir: persistent_storage + Distros: openshift-rosa + Topics: + - Name: Persistent storage using AWS Elastic Block Store (EBS) + File: rosa-persistent-storage-aws-ebs + - Name: Persistent storage using AWS EFS + File: osd-persistent-storage-aws --- Name: Networking Dir: networking @@ -162,126 +296,10 @@ Topics: - Name: CIDR Range Definitions File: cidr-range-definitions --- -Name: Authentication and authorization -Dir: authentication -Distros: openshift-rosa -Topics: -- Name: Managing security context constraints - File: managing-security-context-constraints ---- -Name: Nodes -Dir: nodes -Distros: openshift-rosa -Topics: -- Name: About machine pools - File: nodes-machinepools-about -- Name: Managing worker nodes - File: rosa-managing-worker-nodes - Distros: openshift-rosa -- Name: About autoscaling nodes on a cluster - File: nodes-about-autoscaling-nodes ---- -Name: Monitoring user-defined projects -Dir: monitoring -Distros: openshift-rosa -Topics: -- Name: Understanding the monitoring stack - File: osd-understanding-the-monitoring-stack -- Name: Configuring the monitoring stack - File: osd-configuring-the-monitoring-stack -- Name: Accessing monitoring for user-defined projects - File: osd-accessing-monitoring-for-user-defined-projects -- Name: Managing metrics - File: osd-managing-metrics -- Name: Managing alerts - File: osd-managing-alerts -- Name: Reviewing monitoring dashboards - File: osd-reviewing-monitoring-dashboards -- Name: Troubleshooting monitoring issues - File: osd-troubleshooting-monitoring-issues ---- -Name: Storage -Dir: storage -Distros: openshift-rosa -Topics: -- Name: Persistent storage - Dir: persistent_storage - Distros: openshift-rosa - Topics: - - Name: Persistent storage using AWS Elastic Block Store (EBS) - File: rosa-persistent-storage-aws-ebs - - Name: Persistent storage using AWS EFS - File: osd-persistent-storage-aws ---- -Name: Applications -Dir: applications -Distros: openshift-rosa -Topics: -- Name: Deployments - Dir: deployments - Distros: openshift-rosa - Topics: - - Name: Configuring custom domains for applications - File: osd-config-custom-domains-applications ---- -Name: Logging -Dir: logging -Distros: openshift-rosa -Topics: -- Name: Installing the cluster logging service - File: rosa-install-logging -- Name: Viewing cluster logs - File: rosa-viewing-logs ---- -Name: rosa CLI -Dir: rosa_cli -Distros: openshift-rosa -Topics: -- Name: Getting started with the rosa CLI - File: rosa-get-started-cli -- Name: Managing objects with the rosa CLI - File: rosa-manage-objects-cli -- Name: Checking account and version information with the rosa CLI - File: rosa-checking-acct-version-cli -- Name: Checking logs with the rosa cli - File: rosa-checking-logs-cli ---- -Name: Configuring private connections -Dir: cloud_infrastructure_access -Distros: openshift-rosa -Topics: -- Name: Configuring private connections - File: rosa-configuring-private-connections -- Name: Configuring AWS VPC peering - File: dedicated-aws-peering -- Name: Configuring AWS VPN - File: dedicated-aws-vpn -- Name: Configuring AWS Direct Connect - File: dedicated-aws-dc -- Name: Configuring a private cluster - File: rosa-private-cluster ---- -Name: Policies and service definition -Dir: rosa_policy -Distros: openshift-rosa -Topics: -- Name: ROSA service definition - File: rosa-service-definition -- Name: Responsibility assignment matrix - File: rosa-policy-responsibility-matrix -- Name: Understanding process and security for ROSA - File: rosa-policy-process-security -- Name: About availability for ROSA - File: rosa-policy-understand-availability -- Name: ROSA update life cycle - File: rosa-life-cycle ---- -Name: Support +Name: Troubleshooting Dir: rosa_support Distros: openshift-rosa Topics: -- Name: Support for ROSA - File: rosa-getting-support - Name: Troubleshooting expired offline access tokens File: rosa-troubleshooting-expired-tokens - Name: Troubleshooting installations diff --git a/adding_service_cluster/adding-service.adoc b/adding_service_cluster/adding-service.adoc index 89bf720f34..6c3f8e598f 100644 --- a/adding_service_cluster/adding-service.adoc +++ b/adding_service_cluster/adding-service.adoc @@ -19,5 +19,5 @@ include::modules/deleting-service-cli.adoc[leveloffset=+1] ifdef::openshift-rosa[] [role="_additional-resources"] == Additional resources -* For information about the `cluster-logging-operator` and the AWS CloudWatch log forwarding service, see xref:../logging/rosa-install-logging.adoc#rosa-install-logging[Install the logging add-on service] +* For information about the `cluster-logging-operator` and the AWS CloudWatch log forwarding service, see xref:../rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc#rosa-install-logging[Install the logging add-on service] endif::[] diff --git a/adding_service_cluster/rosa-available-services.adoc b/adding_service_cluster/rosa-available-services.adoc index 50dde766d4..ea989e0028 100644 --- a/adding_service_cluster/rosa-available-services.adoc +++ b/adding_service_cluster/rosa-available-services.adoc @@ -11,5 +11,12 @@ These services can also be installed xref:../rosa_cli/rosa-manage-objects-cli.ad include::modules/aws-cloudwatch.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources + +* xref:../rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc#rosa-install-logging[Installing the CloudWatch logging service] +* link:https://aws.amazon.com/cloudwatch/[Amazon CloudWatch product information] + include::modules/codeready-workspaces.adoc[leveloffset=+1] include::modules/osd-rhoam.adoc[leveloffset=+1] diff --git a/modules/aws-cloudwatch.adoc b/modules/aws-cloudwatch.adoc index 985a76719f..27de93e11c 100644 --- a/modules/aws-cloudwatch.adoc +++ b/modules/aws-cloudwatch.adoc @@ -11,5 +11,4 @@ Amazon CloudWatch forwards logs from {product-title} (ROSA) to the AWS console f [role="_additional-resources"] .Additional resources -* See xref:../logging/rosa-install-logging.adoc#rosa-install-logging[Install the logging add-on service] for information about the Amazon CloudWatch log forwarding service. -* See link:https://aws.amazon.com/cloudwatch/[Amazon CloudWatch product information] for general details about Amazon Cloudwatch. +* link:https://aws.amazon.com/cloudwatch/[Amazon CloudWatch product information] diff --git a/modules/rosa-create-cluster-admins.adoc b/modules/rosa-create-cluster-admins.adoc index 01009082af..c16acea974 100644 --- a/modules/rosa-create-cluster-admins.adoc +++ b/modules/rosa-create-cluster-admins.adoc @@ -5,7 +5,7 @@ :_content-type: PROCEDURE -[id="rosa-create-cluster-admins"] +[id="rosa-create-cluster-admins_{context}"] = Granting `cluster-admin` access As the user who created the cluster, add the `cluster-admin` user role to your account to have the maximum administrator privileges. These privileges are not automatically assigned to your user account when you create the cluster. diff --git a/modules/rosa-create-dedicated-cluster-admins.adoc b/modules/rosa-create-dedicated-cluster-admins.adoc index 999caf0efa..c7403a7e5b 100644 --- a/modules/rosa-create-dedicated-cluster-admins.adoc +++ b/modules/rosa-create-dedicated-cluster-admins.adoc @@ -5,7 +5,7 @@ :_content-type: PROCEDURE -[id="rosa-create-dedicated-cluster-admins"] +[id="rosa-create-dedicated-cluster-admins_{context}"] = Granting `dedicated-admin` access Only the user who created the cluster can grant cluster access to other `cluster-admin` or `dedicated-admin` users. Users with `dedicated-admin` access have fewer privileges. As a best practice, grant `dedicated-admin` access to most of your administrators. diff --git a/modules/rosa-delete-cluster-admins.adoc b/modules/rosa-delete-cluster-admins.adoc index 65cc74e8fb..8657b044cb 100644 --- a/modules/rosa-delete-cluster-admins.adoc +++ b/modules/rosa-delete-cluster-admins.adoc @@ -5,7 +5,7 @@ :_content-type: PROCEDURE -[id="rosa-delete-cluster-admins"] +[id="rosa-delete-cluster-admins_{context}"] = Revoking `cluster-admin` access using the `rosa` CLI Only the user who created the cluster can revoke access for `cluster-admin` users. diff --git a/modules/rosa-delete-dedicated-admins.adoc b/modules/rosa-delete-dedicated-admins.adoc index e93b4baa6d..5a056a0397 100644 --- a/modules/rosa-delete-dedicated-admins.adoc +++ b/modules/rosa-delete-dedicated-admins.adoc @@ -5,7 +5,7 @@ :_content-type: PROCEDURE -[id="rosa-delete-dedicated-admins"] +[id="rosa-delete-dedicated-admins_{context}"] = Revoking `dedicated-admin` access using the `rosa` CLI You can revoke access for a `dedicated-admin` user if you are the user who created the cluster, the organization administrator user, or the super administrator user. diff --git a/monitoring/osd-configuring-the-monitoring-stack.adoc b/monitoring/osd-configuring-the-monitoring-stack.adoc index 8fc351f968..2e054bfedb 100644 --- a/monitoring/osd-configuring-the-monitoring-stack.adoc +++ b/monitoring/osd-configuring-the-monitoring-stack.adoc @@ -6,7 +6,7 @@ include::_attributes/attributes-openshift-dedicated.adoc[] toc::[] -This document explains what is supported for the monitoring of user-defined projects. It also shows how to configure the monitoring stack, and demonstrates several common configuration scenarios. +After you configure the monitoring stack, you can review common configuration scenarios and configure monitoring of user-defined projects. // Maintenance and support for monitoring include::modules/osd-monitoring-maintenance-and-support.adoc[leveloffset=+1] diff --git a/monitoring/osd-managing-alerts.adoc b/monitoring/osd-managing-alerts.adoc index f8768015d4..cf1f9a5877 100644 --- a/monitoring/osd-managing-alerts.adoc +++ b/monitoring/osd-managing-alerts.adoc @@ -6,7 +6,7 @@ include::_attributes/attributes-openshift-dedicated.adoc[] toc::[] -Alerts for monitoring workloads in user-defined projects are not currently supported in this product. +Alerts for monitoring workloads in user-defined projects are not currently supported in this {product-title}. [id="alerts-next-steps"] == Next steps diff --git a/monitoring/osd-managing-metrics.adoc b/monitoring/osd-managing-metrics.adoc index da77479fda..7c91ff1c58 100644 --- a/monitoring/osd-managing-metrics.adoc +++ b/monitoring/osd-managing-metrics.adoc @@ -6,7 +6,7 @@ include::_attributes/attributes-openshift-dedicated.adoc[] toc::[] -This document provides an overview about how {product-title} metrics are collected, queried and visualized. +{product-title} collects metrics for , and you can use to query and visualize them. // Understanding metrics include::modules/osd-monitoring-understanding-metrics.adoc[leveloffset=+1] diff --git a/monitoring/osd-troubleshooting-monitoring-issues.adoc b/monitoring/osd-troubleshooting-monitoring-issues.adoc index 32bfad1806..3610f6c0ec 100644 --- a/monitoring/osd-troubleshooting-monitoring-issues.adoc +++ b/monitoring/osd-troubleshooting-monitoring-issues.adoc @@ -6,6 +6,6 @@ include::_attributes/attributes-openshift-dedicated.adoc[] toc::[] -This document describes how to troubleshoot common monitoring issues for user-defined projects. +Find troubleshooting steps for common monitoring issues with user-defined projects. include::modules/osd-monitoring-troubleshooting-issues.adoc[leveloffset=+1] diff --git a/networking/configuring-cluster-wide-proxy.adoc b/networking/configuring-cluster-wide-proxy.adoc index eac01a4bd2..d1e513182d 100644 --- a/networking/configuring-cluster-wide-proxy.adoc +++ b/networking/configuring-cluster-wide-proxy.adoc @@ -26,7 +26,7 @@ include::modules/cluster-wide-proxy-preqs.adoc[leveloffset=+1] .Additional Resources ifdef::openshift-rosa[] -For information about standard installation prerequisites, see xref:../rosa_getting_started/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites for ROSA]. For information about the prerequisites for installation using AWS Security Token Service (STS), see xref:../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS]. +For information about standard installation prerequisites, see xref:../rosa_planning/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites for ROSA]. For information about the prerequisites for installation using AWS Security Token Service (STS), see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS]. endif::[] ifdef::openshift-dedicated[] For more information, see xref:../osd_quickstart/osd-quickstart.adoc#osd-getting-started[Getting started with {product-title}] for a basic cluster installation workflow. diff --git a/nodes/nodes-machinepools-about.adoc b/nodes/nodes-machinepools-about.adoc index 45bfa339ab..494fa324fc 100644 --- a/nodes/nodes-machinepools-about.adoc +++ b/nodes/nodes-machinepools-about.adoc @@ -13,7 +13,7 @@ The primary resources are machines, machine sets, and machine pools. A machine is a fundamental unit that describes the host for a worker node. == Machine sets -`MachineSet` resources are groups of machines. If you need more machines or must scale them down, this is done by configuring the number of replicas in the machine pool to which the machine sets belong. +`MachineSet` resources are groups of machines. If you need more machines or must scale them down, change the number of replicas in the machine pool to which the machine sets belong. ifdef::openshift-rosa[] Machine sets are not directly modifiable in ROSA. @@ -22,9 +22,9 @@ endif::[] == Machine pools Machine pools are a higher level construct to machine sets. -A machine pool creates machine sets that are all clones of the same configuration across availability zones. Machine pools perform all of the host node provisioning management actions on a worker node. If you need more machines or must scale them down, change the number of replicas in the machine pool to meet your compute needs. Scaling can be configured manually or you can set autoscaling. +A machine pool creates machine sets that are all clones of the same configuration across availability zones. Machine pools perform all of the host node provisioning management actions on a worker node. If you need more machines or must scale them down, change the number of replicas in the machine pool to meet your compute needs. You can manually configure scaling or set autoscaling. -By default, a cluster is created with one machine pool. Additional machine pools can be added later to an existing cluster and you can modify the default machine pool. Machine pools can also be deleted. +By default, a cluster is created with one machine pool. You can add additional machine pools to an existing cluster, modify the default machine pool, and delete machine pools. Multiple machine pools can exist on a single cluster, and they can each have different types or different size nodes. diff --git a/rosa_architecture/rosa-getting-support.adoc b/rosa_architecture/rosa-getting-support.adoc new file mode 100644 index 0000000000..91c34dc5fe --- /dev/null +++ b/rosa_architecture/rosa-getting-support.adoc @@ -0,0 +1,10 @@ +:_content-type: ASSEMBLY +[id="rosa-getting-support"] += Getting support for {product-title} +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-getting-support +toc::[] + +Get support for {product-title} (ROSA). + +include::modules/rosa-getting-support.adoc[leveloffset=+1] diff --git a/rosa_policy/rosa-life-cycle.adoc b/rosa_architecture/rosa-life-cycle.adoc similarity index 77% rename from rosa_policy/rosa-life-cycle.adoc rename to rosa_architecture/rosa-life-cycle.adoc index 379a0effb3..880749dbcd 100644 --- a/rosa_policy/rosa-life-cycle.adoc +++ b/rosa_architecture/rosa-life-cycle.adoc @@ -8,10 +8,9 @@ toc::[] include::modules/life-cycle-overview.adoc[leveloffset=+1] -[role="_additional-resources"] .Additional resources -* xref:../rosa_policy/rosa-service-definition.adoc#rosa-service-definition[{product-title} service definition] +* xref:../rosa_architecture/rosa-service-definition.adoc#rosa-service-definition[{product-title} service definition] include::modules/life-cycle-definitions.adoc[leveloffset=+1] include::modules/life-cycle-major-versions.adoc[leveloffset=+1] @@ -20,7 +19,7 @@ include::modules/life-cycle-minor-versions.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* xref:../rosa_policy/rosa-life-cycle.adoc#rosa-limited-support_rosa-life-cycle[{product-title} limited support status] +* xref:../rosa_architecture/rosa-life-cycle.adoc#rosa-limited-support_rosa-life-cycle[{product-title} limited support status] include::modules/life-cycle-patch-versions.adoc[leveloffset=+1] include::modules/life-cycle-limited-support.adoc[leveloffset=+1] diff --git a/rosa_policy/rosa-policy-process-security.adoc b/rosa_architecture/rosa-policy-process-security.adoc similarity index 80% rename from rosa_policy/rosa-policy-process-security.adoc rename to rosa_architecture/rosa-policy-process-security.adoc index d1aae1f773..a72cbed552 100644 --- a/rosa_policy/rosa-policy-process-security.adoc +++ b/rosa_architecture/rosa-policy-process-security.adoc @@ -26,9 +26,8 @@ include::modules/rosa-policy-security-regulation-compliance.adoc[leveloffset=+1] include::modules/rosa-policy-disaster-recovery.adoc[leveloffset=+1] -[role="_additional-resources"] == Additional resources -* For more information about customer or shared responsibilities, see the xref:../rosa_policy/rosa-policy-responsibility-matrix.adoc#rosa-policy-responsibilities_rosa-policy-responsibility-matrix[ROSA Responsibilities] document. +* For more information about customer or shared responsibilities, see the xref:../rosa_architecture/rosa-policy-responsibility-matrix.adoc#rosa-policy-responsibilities_rosa-policy-responsibility-matrix[ROSA Responsibilities] document. -* For more information about ROSA and its components, see the xref:../rosa_policy/rosa-service-definition.adoc#rosa-service-definition[ROSA Service Definition]. +* For more information about ROSA and its components, see the xref:../rosa_architecture/rosa-service-definition.adoc#rosa-service-definition[ROSA Service Definition]. diff --git a/rosa_policy/rosa-policy-responsibility-matrix.adoc b/rosa_architecture/rosa-policy-responsibility-matrix.adoc similarity index 100% rename from rosa_policy/rosa-policy-responsibility-matrix.adoc rename to rosa_architecture/rosa-policy-responsibility-matrix.adoc diff --git a/rosa_policy/rosa-policy-understand-availability.adoc b/rosa_architecture/rosa-policy-understand-availability.adoc similarity index 100% rename from rosa_policy/rosa-policy-understand-availability.adoc rename to rosa_architecture/rosa-policy-understand-availability.adoc diff --git a/rosa_policy/rosa-service-definition.adoc b/rosa_architecture/rosa-service-definition.adoc similarity index 72% rename from rosa_policy/rosa-service-definition.adoc rename to rosa_architecture/rosa-service-definition.adoc index 047b9145d3..8f443e56e1 100644 --- a/rosa_policy/rosa-service-definition.adoc +++ b/rosa_architecture/rosa-service-definition.adoc @@ -17,8 +17,7 @@ include::modules/rosa-sdpolicy-platform.adoc[leveloffset=+1] include::modules/rosa-sdpolicy-security.adoc[leveloffset=+1] -[role="_additional-resources"] == Additional resources -* See xref:../rosa_policy/rosa-policy-process-security.adoc#rosa-policy-process-security[Understanding process and security for ROSA] for the latest compliance information. -* See xref:../rosa_policy/rosa-life-cycle.adoc#rosa-life-cycle[ROSA life cycle] +* See xref:../rosa_architecture/rosa-policy-process-security.adoc#rosa-policy-process-security[Understanding process and security for ROSA] for the latest compliance information. +* See xref:../rosa_architecture/rosa-life-cycle.adoc#rosa-life-cycle[ROSA life cycle] diff --git a/rosa_architecture/rosa-sts-getting-started-workflow.adoc b/rosa_architecture/rosa-sts-getting-started-workflow.adoc new file mode 100644 index 0000000000..79ec484b3c --- /dev/null +++ b/rosa_architecture/rosa-sts-getting-started-workflow.adoc @@ -0,0 +1,32 @@ +:_content-type: ASSEMBLY +[id="rosa-sts-understanding-the-deployment-workflow"] += Understanding the ROSA with STS deployment workflow +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-overview-of-the-deployment-workflow + +toc::[] + +Before you create a {product-title} (ROSA) cluster, you must complete the AWS prerequisites, verify that the required AWS service quotas are available, and set up your environment. + +This document provides an overview of the ROSA with STS deployment workflow stages and refers to detailed resources for each stage. + +[id="rosa-sts-overview-of-the-deployment-workflow"] +== Overview of the ROSA with STS deployment workflow + +The AWS Security Token Service (STS) is a global web service that provides short-term credentials for IAM or federated users. You can use AWS STS with {product-title} (ROSA) to allocate temporary, limited-privilege credentials for component-specific IAM roles. The service enables cluster components to make AWS API calls using secure cloud resource management practices. + +You can follow the workflow stages outlined in this section to set up and access a ROSA cluster that uses STS. + +. xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Complete the AWS prerequisites for ROSA with STS]. To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements. +. xref:../rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]. To prepare for your cluster deployment, review the AWS service quotas that are required to run a ROSA cluster. +. xref:../rosa_getting_started/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA using STS]. Before you create a ROSA with STS cluster, you must enable ROSA in your AWS account, install and configure the required CLI tools, and verify the configuration of the CLI tools. You must also verify that the AWS Elastic Load Balancing (ELB) service role exists and that the required AWS resource quotas are available. +. xref:../rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. Use the ROSA CLI (`rosa`) to create a cluster with STS. You can create a cluster by using the default options, or you can apply customizations to suit the needs of your organization. +. xref:../rosa_getting_started/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Access your cluster]. You can configure an identity provider and grant cluster administrator privileges to the identity provider users as required. You can also access a newly-deployed cluster quickly by configuring a `cluster-admin` user. +. xref:../rosa_getting_started/rosa-sts-deleting-access-cluster.adoc#rosa-sts-deleting-access-cluster[Revoke access to a ROSA cluster for a user]. You can revoke access to a ROSA with STS cluster from a user by using the ROSA CLI or the web console. +. xref:../rosa_getting_started/rosa-sts-deleting-cluster.adoc#rosa-sts-deleting-cluster[Delete a ROSA cluster]. You can delete a ROSA with STS cluster by using the ROSA CLI (`rosa`). After deleting a cluster, you can delete the STS resources by using the AWS Identity and Access Management (IAM) Console. + +[id="additional_resources_{context}"] +[role="_additional-resources"] +== Additional resources + +* For information about using the ROSA deployment workflow to create a cluster that does not use AWS STS, see xref:../rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow]. diff --git a/rosa_architecture/rosa-understanding.adoc b/rosa_architecture/rosa-understanding.adoc index 6c879cb9d3..0d56ad3b2f 100644 --- a/rosa_architecture/rosa-understanding.adoc +++ b/rosa_architecture/rosa-understanding.adoc @@ -1,6 +1,6 @@ :_content-type: ASSEMBLY [id="rosa-understanding"] -= Introduction to ROSA += Understanding ROSA include::_attributes/attributes-openshift-dedicated.adoc[] :context: rosa-understanding toc::[] diff --git a/cloud_infrastructure_access/dedicated-aws-access.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-access.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-aws-access.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-access.adoc diff --git a/cloud_infrastructure_access/dedicated-aws-dc.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-dc.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-aws-dc.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-dc.adoc diff --git a/cloud_infrastructure_access/dedicated-aws-peering.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-peering.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-aws-peering.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-peering.adoc diff --git a/cloud_infrastructure_access/dedicated-aws-private-cluster.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-private-cluster.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-aws-private-cluster.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-private-cluster.adoc diff --git a/cloud_infrastructure_access/dedicated-aws-vpn.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-vpn.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-aws-vpn.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-aws-vpn.adoc diff --git a/cloud_infrastructure_access/dedicated-understanding-aws.adoc b/rosa_cluster_admin/cloud_infrastructure_access/dedicated-understanding-aws.adoc similarity index 100% rename from cloud_infrastructure_access/dedicated-understanding-aws.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/dedicated-understanding-aws.adoc diff --git a/cloud_infrastructure_access/images b/rosa_cluster_admin/cloud_infrastructure_access/images similarity index 100% rename from cloud_infrastructure_access/images rename to rosa_cluster_admin/cloud_infrastructure_access/images diff --git a/cloud_infrastructure_access/modules b/rosa_cluster_admin/cloud_infrastructure_access/modules similarity index 100% rename from cloud_infrastructure_access/modules rename to rosa_cluster_admin/cloud_infrastructure_access/modules diff --git a/cloud_infrastructure_access/rosa-configuring-private-connections.adoc b/rosa_cluster_admin/cloud_infrastructure_access/rosa-configuring-private-connections.adoc similarity index 100% rename from cloud_infrastructure_access/rosa-configuring-private-connections.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/rosa-configuring-private-connections.adoc diff --git a/cloud_infrastructure_access/rosa-private-cluster.adoc b/rosa_cluster_admin/cloud_infrastructure_access/rosa-private-cluster.adoc similarity index 86% rename from cloud_infrastructure_access/rosa-private-cluster.adoc rename to rosa_cluster_admin/cloud_infrastructure_access/rosa-private-cluster.adoc index 951b10f079..7f42ec048d 100644 --- a/cloud_infrastructure_access/rosa-private-cluster.adoc +++ b/rosa_cluster_admin/cloud_infrastructure_access/rosa-private-cluster.adoc @@ -23,4 +23,4 @@ include::modules/rosa-enable-private-cluster-existing.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-aws-privatelink-creating-cluster.adoc#rosa-aws-privatelink-creating-cluster[Creating an AWS PrivateLink cluster on ROSA] +* xref:../../rosa_getting_started/rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc#rosa-aws-privatelink-creating-cluster[Creating an AWS PrivateLink cluster on ROSA] diff --git a/cloud_infrastructure_access/snippets b/rosa_cluster_admin/cloud_infrastructure_access/snippets similarity index 100% rename from cloud_infrastructure_access/snippets rename to rosa_cluster_admin/cloud_infrastructure_access/snippets diff --git a/rosa_getting_started_sts/images b/rosa_cluster_admin/images similarity index 100% rename from rosa_getting_started_sts/images rename to rosa_cluster_admin/images diff --git a/rosa_getting_started_sts/modules b/rosa_cluster_admin/modules similarity index 100% rename from rosa_getting_started_sts/modules rename to rosa_cluster_admin/modules diff --git a/rosa_policy/images b/rosa_cluster_admin/rosa_logging/images similarity index 100% rename from rosa_policy/images rename to rosa_cluster_admin/rosa_logging/images diff --git a/rosa_policy/modules b/rosa_cluster_admin/rosa_logging/modules similarity index 100% rename from rosa_policy/modules rename to rosa_cluster_admin/rosa_logging/modules diff --git a/logging/rosa-install-logging.adoc b/rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc similarity index 89% rename from logging/rosa-install-logging.adoc rename to rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc index 97aba6124a..73c5e61a49 100644 --- a/logging/rosa-install-logging.adoc +++ b/rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc @@ -29,4 +29,4 @@ include::modules/rosa-install-logging-addon.adoc[leveloffset=+1] [role="_additional-resources"] [id="additional-resources_adding-service"] == Additional resources -* xref:../adding_service_cluster/adding-service.adoc#adding-service[Adding services to your cluster] +* xref:../../adding_service_cluster/adding-service.adoc#adding-service[Adding services to your cluster] diff --git a/logging/rosa-viewing-logs.adoc b/rosa_cluster_admin/rosa_logging/rosa-viewing-logs.adoc similarity index 100% rename from logging/rosa-viewing-logs.adoc rename to rosa_cluster_admin/rosa_logging/rosa-viewing-logs.adoc diff --git a/rosa_getting_started_sts/snippets b/rosa_cluster_admin/rosa_logging/snippets similarity index 100% rename from rosa_getting_started_sts/snippets rename to rosa_cluster_admin/rosa_logging/snippets diff --git a/rosa_cluster_admin/rosa_monitoring/images b/rosa_cluster_admin/rosa_monitoring/images new file mode 120000 index 0000000000..e4c5bd02a1 --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/images @@ -0,0 +1 @@ +../images/ \ No newline at end of file diff --git a/rosa_cluster_admin/rosa_monitoring/modules b/rosa_cluster_admin/rosa_monitoring/modules new file mode 120000 index 0000000000..43aab75b53 --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/modules @@ -0,0 +1 @@ +../modules/ \ No newline at end of file diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc new file mode 100644 index 0000000000..aea7abb766 --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc @@ -0,0 +1,23 @@ +:_content-type: ASSEMBLY +[id="rosa-accessing-monitoring-for-user-defined-projects"] += Accessing monitoring for user-defined projects +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-accessing-monitoring-for-user-defined-projects + +toc::[] + +By default, centralized monitoring for user-defined projects and platform monitoring are enabled. You can monitor your own projects in {product-title} without the need for an additional monitoring solution. + +The monitoring of user-defined projects cannot be disabled. + +The `dedicated-admin` user has default permissions to configure and access monitoring for user-defined projects. + +[NOTE] +==== +Custom Prometheus instances and the Prometheus Operator installed through Operator Lifecycle Manager (OLM) can cause issues with user-defined project monitoring if it is enabled. Custom Prometheus instances are not supported. +==== + +[id="accessing-user-defined-monitoring-next-steps"] +== Next steps + +* xref:../rosa_monitoring/rosa-managing-metrics.adoc#rosa-managing-metrics[Managing metrics] diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-configuring-the-monitoring-stack.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-configuring-the-monitoring-stack.adoc new file mode 100644 index 0000000000..55e010a8ed --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-configuring-the-monitoring-stack.adoc @@ -0,0 +1,83 @@ +:_content-type: ASSEMBLY +[id="rosa-configuring-the-monitoring-stack"] += Configuring the monitoring stack +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-configuring-the-monitoring-stack + +toc::[] + +After you configure the monitoring stack, you can review common configuration scenarios and configure monitoring of user-defined projects. + +// Maintenance and support for monitoring +include::modules/osd-monitoring-maintenance-and-support.adoc[leveloffset=+1] +include::modules/osd-monitoring-support-considerations.adoc[leveloffset=+2] + +// Configuring the monitoring stack +include::modules/osd-monitoring-configuring-the-monitoring-stack.adoc[leveloffset=+1] + +// Configurable monitoring components +include::modules/osd-monitoring-configurable-monitoring-components.adoc[leveloffset=+1] + +// Moving monitoring components to different nodes +include::modules/osd-monitoring-moving-monitoring-components-to-different-nodes.adoc[leveloffset=+1] + +//// +Commenting out these links until they can be updated. + +[role="_additional-resources"] +.Additional resources + +* link:https://docs.openshift.com/container-platform/4.7/nodes/nodes/nodes-nodes-working.html#nodes-nodes-working-updating_nodes-nodes-working[Understanding how to update labels on nodes] +* link:https://docs.openshift.com/container-platform/4.7/nodes/scheduling/nodes-scheduler-node-selectors.html[Placing pods on specific nodes using node selectors] +* See the link:https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector[Kubernetes documentation] for details on the `nodeSelector` constraint +//// + +// TODO: Same question about whether links out to OCP docs should explicitly mention that? (I won't point out any more, but could easily search to find other instances in the repo). + +// Assigning tolerations to monitoring components +include::modules/osd-monitoring-assigning-tolerations-to-monitoring-components.adoc[leveloffset=+1] + +.Additional resources + +* See the link:https://docs.openshift.com/container-platform/4.7/nodes/scheduling/nodes-scheduler-taints-tolerations.html#nodes-scheduler-taints-tolerations[OpenShift Container Platform documentation] on taints and tolerations +* See the link:https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/[Kubernetes documentation] on taints and tolerations + +// Configuring persistent storage +[id="configuring-persistent-storage"] +== Configuring persistent storage + +Running cluster monitoring with persistent storage means that your metrics are stored to a persistent volume (PV) and can survive a pod being restarted or recreated. This is ideal if you require your metrics data to be guarded from data loss. For production environments, it is highly recommended to configure persistent storage. Because of the high IO demands, it is advantageous to use local storage. + +[IMPORTANT] +==== +See link:https://docs.openshift.com/container-platform/4.7/scalability_and_performance/optimizing-storage.html#recommended-configurable-storage-technology_persistent-storage[Recommended configurable storage technology]. +==== + +[id="persistent-storage-prerequisites"] +=== Persistent storage prerequisites + +* Use the block type of storage. + +include::modules/osd-monitoring-configuring-a-local-persistent-volume-claim.adoc[leveloffset=+2] +include::modules/osd-monitoring-modifying-retention-time-for-prometheus-metrics-data.adoc[leveloffset=+2] + +.Additional resources + +* link:https://docs.openshift.com/container-platform/4.7/storage/understanding-persistent-storage.html[Understanding persistent storage] +* link:https://docs.openshift.com/container-platform/4.7/scalability_and_performance/optimizing-storage.html[Optimizing storage] + +// Managing scrape sample limits for user-defined projects +include::modules/osd-monitoring-limiting-scrape-samples-in-user-defined-projects.adoc[leveloffset=+1] +include::modules/osd-monitoring-setting-a-scrape-sample-limit-for-user-defined-projects.adoc[leveloffset=+2] + +.Additional resources + +* link:https://docs.openshift.com/container-platform/4.7/monitoring/troubleshooting-monitoring-issues.html#determining-why-prometheus-is-consuming-disk-space_troubleshooting-monitoring-issues[Determining why Prometheus is consuming a lot of disk space] for steps to query which metrics have the highest number of scrape samples + +// Setting log levels for monitoring components +include::modules/osd-monitoring-setting-log-levels-for-monitoring-components.adoc[leveloffset=+1] + +[id="configuring-the-monitoring-stack-next-steps"] +== Next steps + +* xref:../rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc#rosa-accessing-monitoring-for-user-defined-projects[Accessing monitoring for user-defined projects] diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-managing-alerts.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-managing-alerts.adoc new file mode 100644 index 0000000000..9f1be3795a --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-managing-alerts.adoc @@ -0,0 +1,13 @@ +:_content-type: ASSEMBLY +[id="rosa-managing-alerts"] += Alerts +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-managing-alerts + +toc::[] + +Alerts for monitoring workloads in user-defined projects are not currently supported in this {product-title}. + +[id="alerts-next-steps"] +== Next steps +* xref:../rosa_monitoring/rosa-reviewing-monitoring-dashboards.adoc#rosa-reviewing-monitoring-dashboards[Reviewing monitoring dashboards] diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-managing-metrics.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-managing-metrics.adoc new file mode 100644 index 0000000000..35e7acf422 --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-managing-metrics.adoc @@ -0,0 +1,46 @@ +:_content-type: ASSEMBLY +[id="rosa-managing-metrics"] += Managing metrics +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-managing-metrics + +toc::[] + +{product-title} collects metrics for , and you can use to query and visualize them. + +// Understanding metrics +include::modules/osd-monitoring-understanding-metrics.adoc[leveloffset=+1] + +// Setting up metrics collection for user-defined projects +include::modules/osd-monitoring-setting-up-metrics-collection-for-user-defined-projects.adoc[leveloffset=+1] +include::modules/osd-monitoring-deploying-a-sample-service.adoc[leveloffset=+2] +include::modules/osd-monitoring-specifying-how-a-service-is-monitored.adoc[leveloffset=+2] + +.Additional resources + +// * See the link:https://github.com/openshift/prometheus-operator/blob/release-4.7/Documentation/api.md[Prometheus Operator API documentation] for more information on `ServiceMonitor` and `PodMonitor` resources. +* xref:../rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc#rosa-accessing-monitoring-for-user-defined-projects[Accessing monitoring for user-defined projects]. + +// Querying metrics +include::modules/osd-monitoring-querying-metrics.adoc[leveloffset=+1] +include::modules/osd-monitoring-querying-metrics-for-all-projects-as-an-administrator.adoc[leveloffset=+2] +include::modules/osd-monitoring-querying-metrics-for-user-defined-projects-as-a-developer.adoc[leveloffset=+2] + +.Additional resources + +* See the link:https://prometheus.io/docs/prometheus/latest/querying/basics/[Prometheus query documentation] for more information about creating PromQL queries. +* See the xref:../rosa_monitoring/rosa-managing-metrics.adoc#querying-metrics-for-user-defined-projects-as-a-developer_rosa-managing-metrics[Querying metrics for user-defined projects as a developer] for details on accessing non-cluster metrics as a developer or a privileged user +// TODO: The above additional resource points to the same module that it's an additional resource of + +include::modules/osd-monitoring-exploring-the-visualized-metrics.adoc[leveloffset=+2] + +.Additional resources + +* See the xref:../rosa_monitoring/rosa-managing-metrics.adoc#querying-metrics_rosa-managing-metrics[Querying metrics] section on using the PromQL interface +* xref:../rosa_monitoring/rosa-troubleshooting-monitoring-issues.adoc#rosa-troubleshooting-monitoring-issues[Troubleshooting monitoring issues] + +[id="managing-metrics-next-steps"] +== Next steps +* xref:../rosa_monitoring/rosa-managing-alerts.adoc#rosa-managing-alerts[Alerts] + +// TODO: Why is alerts a next step if alerts aren't supported? Can this be removed? diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-reviewing-monitoring-dashboards.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-reviewing-monitoring-dashboards.adoc new file mode 100644 index 0000000000..4e97453a8d --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-reviewing-monitoring-dashboards.adoc @@ -0,0 +1,32 @@ +:_content-type: ASSEMBLY +include::_attributes/attributes-openshift-dedicated.adoc[] +[id="rosa-reviewing-monitoring-dashboards"] += Reviewing monitoring dashboards +:context: rosa-reviewing-monitoring-dashboards + +toc::[] + +{product-title} provides monitoring dashboards that help you understand the state of user-defined projects. + +In the *Developer* perspective, you can access dashboards that provide the following statistics for a selected project: + +* CPU usage +* Memory usage +* Bandwidth information +* Packet rate information + +.Example dashboard in the Developer perspective +image::monitoring-dashboard-developer.png[] + +[NOTE] +==== +In the *Developer* perspective, you can view dashboards for only one project at a time. +==== + +// Reviewing monitoring dashboards as a developer +include::modules/osd-monitoring-reviewing-monitoring-dashboards-developer.adoc[leveloffset=+1] + +[id="monitoring-dashboards-next-steps"] +== Next steps + +* xref:../rosa_monitoring/rosa-troubleshooting-monitoring-issues.adoc#rosa-troubleshooting-monitoring-issues[Troubleshooting monitoring issues] diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-troubleshooting-monitoring-issues.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-troubleshooting-monitoring-issues.adoc new file mode 100644 index 0000000000..5b4fd0803c --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-troubleshooting-monitoring-issues.adoc @@ -0,0 +1,11 @@ +:_content-type: ASSEMBLY +[id="rosa-troubleshooting-monitoring-issues"] += Troubleshooting monitoring issues +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-troubleshooting-monitoring-issues + +toc::[] + +Find troubleshooting steps for common monitoring issues with user-defined projects. + +include::modules/osd-monitoring-troubleshooting-issues.adoc[leveloffset=+1] diff --git a/rosa_cluster_admin/rosa_monitoring/rosa-understanding-the-monitoring-stack.adoc b/rosa_cluster_admin/rosa_monitoring/rosa-understanding-the-monitoring-stack.adoc new file mode 100644 index 0000000000..59d1e4626b --- /dev/null +++ b/rosa_cluster_admin/rosa_monitoring/rosa-understanding-the-monitoring-stack.adoc @@ -0,0 +1,34 @@ +:_content-type: ASSEMBLY +[id="rosa-understanding-the-monitoring-stack"] += Understanding the monitoring stack +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-understanding-the-monitoring-stack + +toc::[] + +In {product-title}, you can monitor your own projects in isolation from Red Hat Site Reliability Engineer (SRE) platform metrics. You can monitor your own projects without the need for an additional monitoring solution. + +[NOTE] +==== +Follow the instructions in this document carefully to configure a supported Prometheus instance for monitoring user-defined projects. Custom Prometheus instances are not supported by {product-title}. +==== + +// Understanding the monitoring stack +include::modules/osd-monitoring-understanding-the-monitoring-stack.adoc[leveloffset=+1] +include::modules/osd-monitoring-components-for-monitoring-user-defined-projects.adoc[leveloffset=+2] +include::modules/osd-monitoring-targets-for-user-defined-projects.adoc[leveloffset=+2] + +[id="understanding-the-monitoring-stack-additional-resources"] +== Additional resources + +//Because this is a duplicate file only referenced in the ROSA topic map, the xref links in this section will differ from the osd-understanding-the-monitoring-stack.adoc file. + +* xref:../rosa_monitoring/rosa-accessing-monitoring-for-user-defined-projects.adoc#rosa-accessing-monitoring-for-user-defined-projects[Accessing monitoring for user-defined projects] +* link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/monitoring/understanding-the-monitoring-stack#default-monitoring-components_understanding-the-monitoring-stack[Default monitoring components] +* link:https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/monitoring/understanding-the-monitoring-stack#default-monitoring-targets_understanding-the-monitoring-stack[Default monitoring targets] +// TODO: When there is a link to the OCP docs, should that be explicit, so they're not surprised when they find themselves in another doc set? + +[id="understanding-the-monitoring-stack-next-steps"] +== Next steps + +* xref:../rosa_monitoring/rosa-configuring-the-monitoring-stack.adoc#rosa-configuring-the-monitoring-stack[Configuring the monitoring stack] diff --git a/rosa_policy/snippets b/rosa_cluster_admin/rosa_monitoring/snippets similarity index 100% rename from rosa_policy/snippets rename to rosa_cluster_admin/rosa_monitoring/snippets diff --git a/rosa_cluster_admin/rosa_nodes/images b/rosa_cluster_admin/rosa_nodes/images new file mode 120000 index 0000000000..5e67573196 --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/images @@ -0,0 +1 @@ +../images \ No newline at end of file diff --git a/rosa_cluster_admin/rosa_nodes/modules b/rosa_cluster_admin/rosa_nodes/modules new file mode 120000 index 0000000000..464b823aca --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/modules @@ -0,0 +1 @@ +../modules \ No newline at end of file diff --git a/rosa_cluster_admin/rosa_nodes/rosa-managing-worker-nodes.adoc b/rosa_cluster_admin/rosa_nodes/rosa-managing-worker-nodes.adoc new file mode 100644 index 0000000000..de43fe0077 --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/rosa-managing-worker-nodes.adoc @@ -0,0 +1,21 @@ +:_content-type: ASSEMBLY +include::_attributes/attributes-openshift-dedicated.adoc[] +[id="rosa-managing-worker-nodes"] += Managing worker nodes +:context: rosa-managing-worker-nodes +toc::[] + +This section describes how to manage worker nodes with {product-title} (ROSA). + +The majority of changes for worker nodes are configured on machine pools. A _machine pool_ is a group of worker nodes in a cluster that have the same configuration, providing ease of management. You can edit the configuration of worker nodes for options such as scaling, instance type, labels, and taints. + +include::modules/rosa-scaling-worker-nodes.adoc[leveloffset=+1] +include::modules/rosa-adding-node-labels.adoc[leveloffset=+1] +include::modules/rosa-adding-instance-types.adoc[leveloffset=+1] + +== Additional resources +* xref:../rosa_nodes/rosa-nodes-machinepools-about.adoc#rosa-nodes-machinepools-about[About machinepools] +* xref:../rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc#rosa-nodes-about-autoscaling-nodes[About autoscaling] +* xref:../rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc#rosa-nodes-about-autoscaling-nodes[Enabling autoscaling] +* xref:../rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc#nodes-disabling-autoscaling-nodes[Disabling autoscaling] +* xref:../../rosa_architecture/rosa-service-definition.adoc#rosa-service-definition[ROSA Service Definition] diff --git a/rosa_cluster_admin/rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc b/rosa_cluster_admin/rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc new file mode 100644 index 0000000000..d890bd81bc --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc @@ -0,0 +1,79 @@ +:_content-type: ASSEMBLY +include::_attributes/attributes-openshift-dedicated.adoc[] +[id="rosa-nodes-about-autoscaling-nodes"] += About autoscaling nodes on a cluster +:context: rosa-nodes-about-autoscaling-nodes +toc::[] + +ifdef::openshift-dedicated[] +[IMPORTANT] +==== +Autoscaling is available only on clusters that were purchased through the Red Hat Marketplace. +==== +endif::[] + +The autoscaler option can be configured to automatically scale the number of machines in a cluster. + +The cluster autoscaler increases the size of the cluster when there are pods that failed to schedule on any of the current nodes due to insufficient resources or when another node is necessary to meet deployment needs. The cluster autoscaler does not increase the cluster resources beyond the limits that you specify. + +Additionally, the cluster autoscaler decreases the size of the cluster when some nodes are consistently not needed for a significant period, such as when it has low resource use and all of its important pods can fit on other nodes. + +When you enable autoscaling, you must also set a minimum and maximum number of worker nodes. + +[NOTE] +==== +Only cluster owners and organization admins can scale or delete a cluster. +==== + +[id="nodes-enabling-autoscaling-nodes"] +== Enabling autoscaling nodes on a cluster + +You can enable autoscaling on worker nodes to increase or decrease the number of nodes available by editing the machine pool definition for an existing cluster. + +[discrete] +include::modules/ocm-enabling-autoscaling-nodes.adoc[leveloffset=+2] + +ifdef::openshift-rosa[] +[NOTE] +==== +Additionally, you can configure autoscaling on the default machine pool when you xref:../../rosa_getting_started/rosa_getting_started_iam/rosa-creating-cluster.adoc#rosa-creating-cluster[create the cluster using interactive mode]. +==== + +[discrete] +include::modules/rosa-enabling-autoscaling-nodes.adoc[leveloffset=+2] +endif::[] + +[id="nodes-disabling-autoscaling-nodes"] +== Disabling autoscaling nodes on a cluster + +You can disable autoscaling on worker nodes to increase or decrease the number of nodes available by editing the machine pool definition for an existing cluster. + +ifdef::openshift-dedicated[] +You can disable autoscaling on a cluster using {cluster-manager} console. +endif::[] + +ifdef::openshift-rosa[] +You can disable autoscaling on a cluster using {cluster-manager} console or the {product-title} CLI. + +[NOTE] +==== +Additionally, you can configure autoscaling on the default machine pool when you xref:../../rosa_getting_started/rosa_getting_started_iam/rosa-creating-cluster.adoc#rosa-creating-cluster[create the cluster using interactive mode]. +==== +endif::[] + +[discrete] +include::modules/ocm-disabling-autoscaling-nodes.adoc[leveloffset=+2] + +ifdef::openshift-rosa[] + +[discrete] +include::modules/rosa-disabling-autoscaling-nodes.adoc[leveloffset=+2] +endif::[] + +[id="nodes-about-autoscaling-nodes-additional-resources"] +== Additional resources +* xref:../rosa_nodes/rosa-nodes-machinepools-about.adoc#rosa-nodes-machinepools-about[About machinepools] +ifdef::openshift-rosa[] +* xref:../rosa_nodes/rosa-managing-worker-nodes.adoc#rosa-managing-worker-nodes[Managing worker nodes] +* xref:../../rosa_cli/rosa-manage-objects-cli.adoc#rosa-managing-objects-cli[Managing objects with the rosa CLI] +endif::[] diff --git a/rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.adoc b/rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.adoc new file mode 100644 index 0000000000..f247343094 --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/rosa-nodes-machinepools-about.adoc @@ -0,0 +1,42 @@ +:_content-type: ASSEMBLY +include::_attributes/attributes-openshift-dedicated.adoc[] +[id="rosa-nodes-machinepools-about"] += About machine pools +:context: rosa-nodes-machinepools-about + +toc::[] + +{product-title} uses machine pools as an elastic, dynamic provisioning method on top of your cloud infrastructure. + +The primary resources are machines, machine sets, and machine pools. + +== Machines +A machine is a fundamental unit that describes the host for a worker node. + +== Machine sets +`MachineSet` resources are groups of machines. If you need more machines or must scale them down, change the number of replicas in the machine pool to which the machine sets belong. + +ifdef::openshift-rosa[] +Machine sets are not directly modifiable in ROSA. +endif::[] + +== Machine pools +Machine pools are a higher level construct to machine sets. + +A machine pool creates machine sets that are all clones of the same configuration across availability zones. Machine pools perform all of the host node provisioning management actions on a worker node. If you need more machines or must scale them down, change the number of replicas in the machine pool to meet your compute needs. You can manually configure scaling or set autoscaling. + +By default, a cluster is created with one machine pool. You can add additional machine pools to an existing cluster, modify the default machine pool, and delete machine pools. + +Multiple machine pools can exist on a single cluster, and they can each have different types or different size nodes. + +== Machine pools in multiple zone clusters +When you create a machine pool in a multiple availability zone (Multi-AZ) cluster, that one machine pool has 3 zones. The machine pool, in turn, creates a total of 3 machine sets - one machine set for each zone in the cluster. Each of those machine sets manages one or more machines in its respective availability zone. + +If you create a new Multi-AZ cluster, the machine pools are replicated to those zones automatically. If you add a machine pool to an existing Multi-AZ, the new pool is automatically created in those zones. Similarly, deleting a machine pool will delete it from all zones. +Due to this multiplicative effect, using machine pools in Multi-AZ cluster can consume more of your project's quota for a specific region when creating machine pools. + +== Additional resources +ifdef::openshift-rosa[] +* xref:../rosa_nodes/rosa-managing-worker-nodes.adoc#rosa-managing-worker-nodes[Managing worker nodes] +endif::[] +* xref:../rosa_nodes/rosa-nodes-about-autoscaling-nodes.adoc#rosa-nodes-about-autoscaling-nodes[About autoscaling] diff --git a/rosa_cluster_admin/rosa_nodes/snippets b/rosa_cluster_admin/rosa_nodes/snippets new file mode 120000 index 0000000000..9f5bc7e4dd --- /dev/null +++ b/rosa_cluster_admin/rosa_nodes/snippets @@ -0,0 +1 @@ +../snippets \ No newline at end of file diff --git a/rosa_cluster_admin/snippets b/rosa_cluster_admin/snippets new file mode 120000 index 0000000000..9f5bc7e4dd --- /dev/null +++ b/rosa_cluster_admin/snippets @@ -0,0 +1 @@ +../snippets \ No newline at end of file diff --git a/rosa_getting_started/rosa-getting-started.adoc b/rosa_getting_started/rosa-getting-started.adoc index f87f6a73d1..c26ac44acc 100644 --- a/rosa_getting_started/rosa-getting-started.adoc +++ b/rosa_getting_started/rosa-getting-started.adoc @@ -17,9 +17,9 @@ You can create a ROSA cluster either with or without the AWS Security Token Serv * You read the documentation on xref:../rosa_planning/rosa-limits-scalability.adoc#rosa-limits-scalability[limits and scalability] and the xref:../rosa_planning/rosa-planning-environment.adoc#rosa-planning-environment[guidelines for planning your environment]. -* You reviewed the detailed xref:../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS]. +* You reviewed the detailed xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]. -* You have the xref:../rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[AWS service quotas that are required to run a ROSA cluster]. +* You have the xref:../rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[AWS service quotas that are required to run a ROSA cluster]. include::modules/rosa-getting-started-environment-setup.adoc[leveloffset=+1] include::modules/rosa-getting-started-enable-rosa.adoc[leveloffset=+2] @@ -31,14 +31,14 @@ include::modules/rosa-getting-started-create-cluster-admin-user.adoc[leveloffset .Additional resource -* For steps to log in to the ROSA web console, see xref:../rosa_getting_started/rosa-getting-started.adoc#rosa-getting-started-access-cluster-web-console[Accessing a cluster through the web console] +* For steps to log in to the ROSA web console, see xref:../rosa_getting_started/rosa-getting-started.adoc#rosa-getting-started-access-cluster-web-console_rosa-getting-started[Accessing a cluster through the web console] include::modules/rosa-getting-started-configure-an-idp-and-grant-access.adoc[leveloffset=+1] include::modules/rosa-getting-started-configure-an-idp.adoc[leveloffset=+2] .Additional resource -* For detailed steps to configure each of the supported identity provider types, see xref:../rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc#rosa-sts-config-identity-providers[Configuring identity providers for STS] +* For detailed steps to configure each of the supported identity provider types, see xref:../rosa_getting_started/rosa-sts-config-identity-providers.adoc#rosa-sts-config-identity-providers[Configuring identity providers for STS] include::modules/rosa-getting-started-grant-user-access.adoc[leveloffset=+2] include::modules/rosa-getting-started-grant-admin-privileges.adoc[leveloffset=+2] @@ -52,17 +52,17 @@ include::modules/rosa-getting-started-deleting-a-cluster.adoc[leveloffset=+1] [id="next-steps_{context}"] == Next steps -* xref:../adding_service_cluster/adding-service.adoc#adding-service[Adding services to a cluster using the OCM console] -* xref:../nodes/rosa-managing-worker-nodes.adoc#rosa-managing-worker-nodes[Managing compute nodes] -* xref:../monitoring/osd-configuring-the-monitoring-stack.adoc#osd-configuring-the-monitoring-stack[Configuring the monitoring stack] -* xref:../logging/rosa-install-logging.adoc#rosa-install-logging[Installing logging add-on services] +* xref:../adding_service_cluster/adding-service.adoc#adding-service[Adding services to a cluster using the {cluster-manager} console] +* xref:../rosa_cluster_admin/rosa_nodes/rosa-managing-worker-nodes.adoc#rosa-managing-worker-nodes[Managing compute nodes] +* xref:../rosa_cluster_admin/rosa_monitoring/rosa-configuring-the-monitoring-stack.adoc#rosa-configuring-the-monitoring-stack[Configuring the monitoring stack] +* xref:../rosa_cluster_admin/rosa_logging/rosa-install-logging.adoc#rosa-install-logging[Installing logging add-on services] [role="_additional-resources"] [id="additional-resources_{context}"] == Additional resources -* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc#rosa-sts-understanding-the-deployment-workflow[Understanding the ROSA with STS deployment workflow] +* For more information about setting up accounts and ROSA clusters using AWS STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow] -* For information about setting up accounts and ROSA clusters without using AWS STS, see xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* For information about setting up accounts and ROSA clusters without using AWS STS, see xref:../rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] * For documentation on upgrading your cluster, see xref:../upgrading/rosa-upgrading.adoc#rosa-upgrading[Upgrading ROSA clusters] diff --git a/rosa_getting_started/rosa-installing-rosa.adoc b/rosa_getting_started/rosa-installing-rosa.adoc index 7e696ddcac..be27b62258 100644 --- a/rosa_getting_started/rosa-installing-rosa.adoc +++ b/rosa_getting_started/rosa-installing-rosa.adoc @@ -19,6 +19,6 @@ include::modules/rosa-installing.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-aws-prereqs.adoc#prerequisites[AWS Prerequisites] +* xref:../rosa_planning/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites] * xref:../rosa_getting_started/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Required AWS service quotas and requesting increases] -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_architecture/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-about-iam-resources.adoc b/rosa_getting_started/rosa-sts-about-iam-resources.adoc similarity index 62% rename from rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-about-iam-resources.adoc rename to rosa_getting_started/rosa-sts-about-iam-resources.adoc index 855f9fef63..404040a9a0 100644 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-about-iam-resources.adoc +++ b/rosa_getting_started/rosa-sts-about-iam-resources.adoc @@ -11,15 +11,15 @@ include::modules/rosa-sts-about-iam-resources.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* For steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS quickly]. -* For steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations]. +* For steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS quickly]. +* For steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations]. include::modules/rosa-sts-account-wide-roles-and-policies.adoc[leveloffset=+1] [role="_additional-resources"] .Additional resources -* For a definition of OpenShift major, minor, and patch versions, see xref:../../rosa_policy/rosa-life-cycle.adoc#rosa-life-cycle-definitions_rosa-life-cycle[the {product-title} update life cycle]. +* For a definition of OpenShift major, minor, and patch versions, see xref:../rosa_architecture/rosa-life-cycle.adoc#rosa-life-cycle-definitions_rosa-life-cycle[the {product-title} update life cycle]. include::modules/rosa-sts-account-wide-role-and-policy-commands.adoc[leveloffset=+2] include::modules/rosa-sts-operator-roles.adoc[leveloffset=+1] diff --git a/rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc b/rosa_getting_started/rosa-sts-accessing-cluster.adoc similarity index 72% rename from rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc rename to rosa_getting_started/rosa-sts-accessing-cluster.adoc index 06f1d1c9c8..30f45355d3 100644 --- a/rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc +++ b/rosa_getting_started/rosa-sts-accessing-cluster.adoc @@ -17,5 +17,5 @@ include::modules/rosa-create-dedicated-cluster-admins.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc#rosa-sts-config-identity-providers[Configuring identity providers using {cluster-manager-first} console] -* xref:../rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc#rosa-sts-understanding-the-deployment-workflow[Getting started workflow] +* xref:../rosa_getting_started/rosa-sts-config-identity-providers.adoc#rosa-sts-config-identity-providers[Configuring identity providers using {cluster-manager-first} console] +* xref:../rosa_architecture/rosa-sts-getting-started-workflow.adoc#rosa-sts-understanding-the-deployment-workflow[Understanding the ROSA with STS deployment workflow] diff --git a/rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc b/rosa_getting_started/rosa-sts-config-identity-providers.adoc similarity index 77% rename from rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc rename to rosa_getting_started/rosa-sts-config-identity-providers.adoc index 79c93589dd..d94c7d2026 100644 --- a/rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc +++ b/rosa_getting_started/rosa-sts-config-identity-providers.adoc @@ -20,5 +20,5 @@ include::modules/config-openid-idp.adoc[leveloffset=+1] [id="additional-resources-cluster-access-sts"] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a cluster] -* xref:../rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc#rosa-sts-understanding-the-deployment-workflow[Understanding the ROSA with STS deployment workflow] +* xref:../rosa_getting_started/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a cluster] +* xref:../rosa_architecture/rosa-sts-getting-started-workflow.adoc#rosa-sts-understanding-the-deployment-workflow[Understanding the ROSA with STS deployment workflow] diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc b/rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc similarity index 65% rename from rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc rename to rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc index 74f4fa1da4..f33e32aff2 100644 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc +++ b/rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc @@ -13,13 +13,13 @@ include::modules/rosa-sts-creating-a-cluster-quickly.adoc[leveloffset=+1] [id="next-steps_{context}"] == Next steps -* xref:../../rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a ROSA cluster] +* xref:../rosa_getting_started/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a ROSA cluster] [role="_additional-resources"] [id="additional-resources_rosa-sts-creating-a-cluster-quickly"] == Additional resources -* For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]. -* For information about the prerequisites to installing ROSA with STS, see xref:../../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS]. +* For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../rosa_getting_started/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]. +* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]. * For more information about using OpenID Connect (OIDC) identity providers in AWS IAM, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation. -* For more information about troubleshooting ROSA cluster deployments, see xref:../../rosa_support/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-cluster-deployments[Troubleshooting cluster deployments]. +* For more information about troubleshooting ROSA cluster deployments, see xref:../rosa_support/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-cluster-deployments[Troubleshooting cluster deployments]. diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc b/rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc similarity index 56% rename from rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc rename to rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc index 7dc405d090..32f671952f 100644 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc +++ b/rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc @@ -14,15 +14,15 @@ include::modules/rosa-sts-creating-a-cluster-with-customizations.adoc[leveloffse [id="next-steps_{context}"] == Next steps -* xref:../../rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a ROSA cluster] +* xref:../rosa_getting_started/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Accessing a ROSA cluster] [role="_additional-resources"] [id="additional-resources_rosa-sts-creating-a-cluster-with-customizations"] == Additional resources -* For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]. -* For an overview of the options that are presented when you create a cluster using interactive mode, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-interactive-mode-reference.adoc#rosa-sts-interactive-mode-reference[Interactive cluster creation mode reference]. -* For information about the prerequisites to installing ROSA with STS, see xref:../../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS]. +* For more information about the AWS Identity Access Management (IAM) resources required to deploy {product-title} with STS, see xref:../rosa_getting_started/rosa-sts-about-iam-resources.adoc#rosa-sts-about-iam-resources[About IAM resources for clusters that use STS]. +* For an overview of the options that are presented when you create a cluster using interactive mode, see xref:../rosa_getting_started/rosa-sts-interactive-mode-reference.adoc#rosa-sts-understanding-interactive-mode-options_rosa-sts-interactive-mode-reference[Interactive cluster creation mode reference]. +* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS]. * For more information about using OpenID Connect (OIDC) identity providers in AWS IAM, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation. -* For more information about etcd encryption, see the xref:../../rosa_policy/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition]. -* For more information about troubleshooting ROSA cluster deployments, see xref:../../rosa_support/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-cluster-deployments[Troubleshooting cluster deployments]. +* For more information about etcd encryption, see the xref:../rosa_architecture/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition]. +* For more information about troubleshooting ROSA cluster deployments, see xref:../rosa_support/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-cluster-deployments[Troubleshooting cluster deployments]. diff --git a/rosa_getting_started_sts/rosa-sts-deleting-access-cluster.adoc b/rosa_getting_started/rosa-sts-deleting-access-cluster.adoc similarity index 100% rename from rosa_getting_started_sts/rosa-sts-deleting-access-cluster.adoc rename to rosa_getting_started/rosa-sts-deleting-access-cluster.adoc diff --git a/rosa_getting_started_sts/rosa-sts-deleting-cluster.adoc b/rosa_getting_started/rosa-sts-deleting-cluster.adoc similarity index 100% rename from rosa_getting_started_sts/rosa-sts-deleting-cluster.adoc rename to rosa_getting_started/rosa-sts-deleting-cluster.adoc diff --git a/rosa_getting_started/rosa-sts-interactive-mode-reference.adoc b/rosa_getting_started/rosa-sts-interactive-mode-reference.adoc new file mode 100644 index 0000000000..5968b851e1 --- /dev/null +++ b/rosa_getting_started/rosa-sts-interactive-mode-reference.adoc @@ -0,0 +1,20 @@ +:_content-type: ASSEMBLY +[id="rosa-sts-interactive-mode-reference"] += Interactive cluster creation mode reference +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-interactive-mode-reference + +toc::[] + +This section provides an overview of the options that are presented when you use the interactive mode to create a cluster through the `rosa` CLI. + +include::modules/rosa-sts-interactive-mode-reference.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_rosa-sts-interactive-mode-reference"] +== Additional resources + * For a list of the supported maximums, see xref:../rosa_planning/rosa-limits-scalability.adoc#tested-cluster-maximums_rosa-limits-scalability[ROSA tested cluster maximums]. +* For detailed steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS quickly]. +* For detailed steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations]. +* For more information about etcd encryption, see the xref:../rosa_architecture/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition]. +* For an example VPC architecture, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[this sample VPC architecture]. diff --git a/rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc b/rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc similarity index 74% rename from rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc rename to rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc index 137c978e70..efc3e8f589 100644 --- a/rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc +++ b/rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc @@ -11,4 +11,4 @@ Review this list of the required Amazon Web Service (AWS) service quotas that ar include::modules/rosa-required-aws-service-quotas.adoc[leveloffset=+1] == Next steps -* xref:../rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA] +* xref:../rosa_getting_started/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA] diff --git a/rosa_getting_started/rosa-sts-setting-up-environment.adoc b/rosa_getting_started/rosa-sts-setting-up-environment.adoc new file mode 100644 index 0000000000..94f15531da --- /dev/null +++ b/rosa_getting_started/rosa-sts-setting-up-environment.adoc @@ -0,0 +1,23 @@ +:_content-type: ASSEMBLY +[id="rosa-sts-setting-up-environment"] += Setting up the environment for using STS +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-setting-up-environment + +toc::[] + +After you meet the AWS prerequisites, set up your environment and install {product-title} (ROSA). + +include::modules/rosa-sts-setting-up-environment.adoc[leveloffset=+1] + +[id="next-steps_rosa-sts-setting-up-environment"] +== Next steps + +* xref:../rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. + +[id="additional-resources"] +[role="_additional-resources"] +== Additional resources + +* xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS Prerequisites] +* xref:../rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas and increase requests] diff --git a/rosa_getting_started/rosa_getting_started_iam/images b/rosa_getting_started/rosa_getting_started_iam/images new file mode 120000 index 0000000000..5e67573196 --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_iam/images @@ -0,0 +1 @@ +../images \ No newline at end of file diff --git a/rosa_getting_started/rosa_getting_started_iam/modules b/rosa_getting_started/rosa_getting_started_iam/modules new file mode 120000 index 0000000000..464b823aca --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_iam/modules @@ -0,0 +1 @@ +../modules \ No newline at end of file diff --git a/rosa_getting_started/rosa-accessing-cluster.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-accessing-cluster.adoc similarity index 76% rename from rosa_getting_started/rosa-accessing-cluster.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-accessing-cluster.adoc index d8b1e9f173..a90e54138c 100644 --- a/rosa_getting_started/rosa-accessing-cluster.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-accessing-cluster.adoc @@ -21,5 +21,6 @@ include::modules/rosa-create-dedicated-cluster-admins.adoc[leveloffset=+1] [id="additional-resources-cluster-access"] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configuring identity providers] -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Getting started workflow] + +* xref:../rosa_getting_started_iam/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configuring identity providers] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa-aws-privatelink-creating-cluster.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc similarity index 54% rename from rosa_getting_started/rosa-aws-privatelink-creating-cluster.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc index ab4aadf74d..01a9cddd7b 100644 --- a/rosa_getting_started/rosa-aws-privatelink-creating-cluster.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc @@ -14,11 +14,11 @@ include::modules/rosa-aws-privatelink-create-cluster.adoc[leveloffset=+1] include::modules/osd-aws-privatelink-config-dns-forwarding.adoc[leveloffset=+1] == Next steps -xref:../rosa_getting_started/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configure identity providers] +xref:../rosa_getting_started_iam/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configure identity providers] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites[AWS PrivateLink firewall prerequisites] -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] -* xref:../rosa_getting_started/rosa-deleting-cluster.adoc#rosa-deleting-cluster[Deleting a ROSA cluster] -* xref:../rosa_architecture/rosa-architecture-models.adoc#rosa-architecture-models[ROSA architecture] +* xref:../../rosa_planning/rosa-aws-prereqs.adoc#osd-aws-privatelink-firewall-prerequisites[AWS PrivateLink firewall prerequisites] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_getting_started_iam/rosa-deleting-cluster.adoc#rosa-deleting-cluster[Deleting a ROSA cluster] +* xref:../../rosa_architecture/rosa-architecture-models.adoc#rosa-architecture-models[ROSA architecture] diff --git a/rosa_getting_started/rosa-config-aws-account.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-config-aws-account.adoc similarity index 52% rename from rosa_getting_started/rosa-config-aws-account.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-config-aws-account.adoc index a0ba1093af..50ed7e34b4 100644 --- a/rosa_getting_started/rosa-config-aws-account.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-config-aws-account.adoc @@ -13,12 +13,12 @@ include::modules/rosa-configuring-aws-account.adoc[leveloffset=+1] [id="next-steps_rosa-config-aws-account"] == Next steps -* xref:../rosa_getting_started/rosa-installing-rosa.adoc#rosa-installing-rosa[Install ROSA] +* xref:../rosa_getting_started_iam/rosa-installing-rosa.adoc#rosa-installing-rosa[Install ROSA] [id="additional-resources_rosa-config-aws-account"] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites] -* xref:../rosa_getting_started/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Required AWS service quotas and requesting increases] -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../../rosa_planning/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites] +* xref:../rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Required AWS service quotas and requesting increases] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa-config-identity-providers.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-config-identity-providers.adoc similarity index 78% rename from rosa_getting_started/rosa-config-identity-providers.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-config-identity-providers.adoc index 50c06ca826..fb23c65d97 100644 --- a/rosa_getting_started/rosa-config-identity-providers.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-config-identity-providers.adoc @@ -20,5 +20,5 @@ include::modules/config-openid-idp.adoc[leveloffset=+1] [id="additional-resources-idps"] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-accessing-cluster.adoc#rosa-accessing-cluster[Accessing a cluster] -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_getting_started_iam/rosa-accessing-cluster.adoc#rosa-accessing-cluster[Accessing a cluster] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa-creating-cluster.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-creating-cluster.adoc similarity index 51% rename from rosa_getting_started/rosa-creating-cluster.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-creating-cluster.adoc index cfe3a329ad..a62e70efac 100644 --- a/rosa_getting_started/rosa-creating-cluster.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-creating-cluster.adoc @@ -13,12 +13,12 @@ This document describes how to set up a ROSA cluster. Alternatively, you can cre include::modules/rosa-creating-cluster.adoc[leveloffset=+1] == Next steps -xref:../rosa_getting_started/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configure identity providers] +xref:../rosa_getting_started_iam/rosa-config-identity-providers.adoc#rosa-config-identity-providers[Configure identity providers] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] -* xref:../rosa_getting_started/rosa-deleting-cluster.adoc#rosa-deleting-cluster[Deleting a ROSA cluster] -* xref:../rosa_architecture/rosa-architecture-models.adoc#rosa-architecture-models[ROSA architecture] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_getting_started_iam/rosa-deleting-cluster.adoc#rosa-deleting-cluster[Deleting a ROSA cluster] +* xref:../../rosa_architecture/rosa-architecture-models.adoc#rosa-architecture-models[ROSA architecture] diff --git a/rosa_getting_started/rosa-deleting-access-cluster.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-deleting-access-cluster.adoc similarity index 100% rename from rosa_getting_started/rosa-deleting-access-cluster.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-deleting-access-cluster.adoc diff --git a/rosa_getting_started/rosa-deleting-cluster.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-deleting-cluster.adoc similarity index 100% rename from rosa_getting_started/rosa-deleting-cluster.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-deleting-cluster.adoc diff --git a/rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc new file mode 100644 index 0000000000..8efefbf1ec --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc @@ -0,0 +1,31 @@ +:_content-type: ASSEMBLY +[id="rosa-understanding-the-deployment-workflow"] += Understanding the ROSA deployment workflow +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-understanding-the-deployment-workflow + +toc::[] + +Before you create a {product-title} (ROSA) cluster that uses the AWS Security Token Service (STS), you must complete the AWS prerequisites, verify that the required AWS service quotas are available, and set up your environment. + +This document provides an overview of the ROSA with STS deployment workflow stages and refers to detailed resources for each stage. + +[id="rosa-overview-of-the-deployment-workflow"] +== Overview of the ROSA deployment workflow + +You can follow the workflow stages outlined in this section to set up and access a {product-title} (ROSA) cluster. + +. xref:../../rosa_planning/rosa-aws-prereqs.adoc#prerequisites[Perform the AWS prerequisites]. To deploy a ROSA cluster, your AWS account must meet the prerequisite requirements. +. xref:../rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Review the required AWS service quotas]. To prepare for your cluster deployment, review the AWS service quotas that are required to run a ROSA cluster. +. xref:../rosa_getting_started_iam/rosa-config-aws-account.adoc#rosa-config-aws-account[Configure your AWS account]. Before you create a ROSA cluster, you must enable ROSA in your AWS account, install and configure the AWS CLI (`aws`) tool, and verify the AWS CLI tool configuration. +. xref:../rosa_getting_started_iam/rosa-installing-rosa.adoc#rosa-installing-rosa[Install the ROSA and OpenShift CLI tools and verify the AWS servce quotas]. Install and configure the ROSA CLI (`aws`) and the OpenShift CLI (`oc`). You can verify if the required AWS resource quotas are available by using the ROSA CLI. +. xref:../rosa_getting_started_iam/rosa-creating-cluster.adoc#rosa-creating-cluster[Create a ROSA cluster] or xref:../rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc#rosa-aws-privatelink-creating-cluster[Create a ROSA cluster using AWS PrivateLink]. Use the ROSA CLI (`rosa`) to create a cluster. You can optionally create a ROSA cluster with AWS PrivateLink. +. xref:../rosa_getting_started_iam/rosa-accessing-cluster.adoc#rosa-accessing-cluster[Access a cluster]. You can configure an identity provider and grant cluster administrator privileges to the identity provider users as required. You can also access a newly-deployed cluster quickly by configuring a `cluster-admin` user. +. xref:../rosa_getting_started_iam/rosa-deleting-access-cluster.adoc#rosa-deleting-access-cluster[Revoke access to a ROSA cluster for a user]. You can revoke access to a ROSA cluster from a user by using the ROSA CLI or the web console. +. xref:../rosa_getting_started_iam/rosa-deleting-cluster.adoc#rosa-deleting-cluster[Delete a ROSA cluster]. You can delete a ROSA cluster by using the ROSA CLI (`rosa`). + +[id="additional_resources_{context}"] +[role="_additional-resources"] +== Additional resources + +* For information about using the ROSA deployment workflow to create a cluster that uses the AWS Security Token Service (STS), see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-overview-of-the-deployment-workflow[Understanding the ROSA with STS deployment workflow]. diff --git a/rosa_getting_started/rosa_getting_started_iam/rosa-installing-rosa.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-installing-rosa.adoc new file mode 100644 index 0000000000..faca15ebc1 --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-installing-rosa.adoc @@ -0,0 +1,24 @@ +:_content-type: ASSEMBLY +[id="rosa-installing-rosa"] += Installing ROSA +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-installing-rosa + +toc::[] + +After you configure your AWS account, install {product-title} (ROSA). + +include::modules/rosa-installing.adoc[leveloffset=+1] + +[id="next-steps_rosa-installing-rosa"] +== Next steps + +* xref:../rosa_getting_started_iam/rosa-creating-cluster.adoc#rosa-creating-cluster[Create a ROSA cluster] or xref:../rosa_getting_started_iam/rosa-aws-privatelink-creating-cluster.adoc#rosa-aws-privatelink-creating-cluster[Create an AWS PrivateLink cluster on ROSA]. + +[id="additional-resources_rosa-installing-rosa"] +[role="_additional-resources"] +== Additional resources + +* xref:../../rosa_planning/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites] +* xref:../rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Required AWS service quotas and requesting increases] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa-quickstart.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-quickstart.adoc similarity index 68% rename from rosa_getting_started/rosa-quickstart.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-quickstart.adoc index d829817064..5a69c23af8 100644 --- a/rosa_getting_started/rosa-quickstart.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-quickstart.adoc @@ -10,4 +10,4 @@ include::modules/rosa-quickstart-instructions.adoc[leveloffset=+1] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa-required-aws-service-quotas.adoc b/rosa_getting_started/rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc similarity index 63% rename from rosa_getting_started/rosa-required-aws-service-quotas.adoc rename to rosa_getting_started/rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc index 8895b6683c..c7f083e46b 100644 --- a/rosa_getting_started/rosa-required-aws-service-quotas.adoc +++ b/rosa_getting_started/rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc @@ -11,9 +11,9 @@ Review this list of the required Amazon Web Service (AWS) service quotas that ar include::modules/rosa-required-aws-service-quotas.adoc[leveloffset=+1] == Next steps -* xref:../rosa_getting_started/rosa-config-aws-account.adoc#rosa-config-aws-account[Configure your AWS account] +* xref:../rosa_getting_started_iam/rosa-config-aws-account.adoc#rosa-config-aws-account[Configure your AWS account] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* xref:../rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started/rosa_getting_started_iam/snippets b/rosa_getting_started/rosa_getting_started_iam/snippets new file mode 120000 index 0000000000..9f5bc7e4dd --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_iam/snippets @@ -0,0 +1 @@ +../snippets \ No newline at end of file diff --git a/rosa_getting_started/rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc new file mode 100644 index 0000000000..dd5944c993 --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc @@ -0,0 +1,32 @@ +:_content-type: ASSEMBLY +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-aws-prereqs +[id="rosa-sts-aws-prereqs"] += AWS prerequisites for ROSA with STS + +toc::[] + +{product-title} (ROSA) provides a model that allows Red Hat to deploy clusters into a customer’s existing Amazon Web Service (AWS) account. + +Ensure that the following AWS prerequisites are met before installing ROSA with STS. + +include::modules/rosa-aws-understand.adoc[leveloffset=+1] + +[IMPORTANT] +==== +When you create a ROSA cluster using AWS STS, an associated AWS OpenID Connect (OIDC) identity provider is created as well. This OIDC provider configuration relies on a public key that is located in the `us-east-1` AWS region. Customers with AWS SCPs must allow the use of the `us-east-1` AWS region, even if these clusters are deployed in a different region. +==== + +include::modules/rosa-sts-aws-requirements.adoc[leveloffset=+1] +include::modules/rosa-requirements-deploying-in-opt-in-regions.adoc[leveloffset=+1] +include::modules/rosa-setting-the-aws-security-token-version.adoc[leveloffset=+2] +include::modules/rosa-sts-aws-iam.adoc[leveloffset=+1] +include::modules/rosa-aws-provisioned.adoc[leveloffset=+1] + +== Next steps +xref:../rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas] + +[role="_additional-resources"] +== Additional resources +* See xref:../../rosa_planning/rosa-limits-scalability.adoc#initial-planning-considerations_rosa-limits-scalability[Intial Planning Considerations] for guidance on worker node count. +* See xref:../../rosa_architecture/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red Hat OpenShift Service on AWS clusters] for information about how Red Hat site reliability engineering accesses ROSA clusters. diff --git a/rosa_getting_started/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc new file mode 100644 index 0000000000..79ec484b3c --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc @@ -0,0 +1,32 @@ +:_content-type: ASSEMBLY +[id="rosa-sts-understanding-the-deployment-workflow"] += Understanding the ROSA with STS deployment workflow +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-overview-of-the-deployment-workflow + +toc::[] + +Before you create a {product-title} (ROSA) cluster, you must complete the AWS prerequisites, verify that the required AWS service quotas are available, and set up your environment. + +This document provides an overview of the ROSA with STS deployment workflow stages and refers to detailed resources for each stage. + +[id="rosa-sts-overview-of-the-deployment-workflow"] +== Overview of the ROSA with STS deployment workflow + +The AWS Security Token Service (STS) is a global web service that provides short-term credentials for IAM or federated users. You can use AWS STS with {product-title} (ROSA) to allocate temporary, limited-privilege credentials for component-specific IAM roles. The service enables cluster components to make AWS API calls using secure cloud resource management practices. + +You can follow the workflow stages outlined in this section to set up and access a ROSA cluster that uses STS. + +. xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[Complete the AWS prerequisites for ROSA with STS]. To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements. +. xref:../rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]. To prepare for your cluster deployment, review the AWS service quotas that are required to run a ROSA cluster. +. xref:../rosa_getting_started/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA using STS]. Before you create a ROSA with STS cluster, you must enable ROSA in your AWS account, install and configure the required CLI tools, and verify the configuration of the CLI tools. You must also verify that the AWS Elastic Load Balancing (ELB) service role exists and that the required AWS resource quotas are available. +. xref:../rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. Use the ROSA CLI (`rosa`) to create a cluster with STS. You can create a cluster by using the default options, or you can apply customizations to suit the needs of your organization. +. xref:../rosa_getting_started/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Access your cluster]. You can configure an identity provider and grant cluster administrator privileges to the identity provider users as required. You can also access a newly-deployed cluster quickly by configuring a `cluster-admin` user. +. xref:../rosa_getting_started/rosa-sts-deleting-access-cluster.adoc#rosa-sts-deleting-access-cluster[Revoke access to a ROSA cluster for a user]. You can revoke access to a ROSA with STS cluster from a user by using the ROSA CLI or the web console. +. xref:../rosa_getting_started/rosa-sts-deleting-cluster.adoc#rosa-sts-deleting-cluster[Delete a ROSA cluster]. You can delete a ROSA with STS cluster by using the ROSA CLI (`rosa`). After deleting a cluster, you can delete the STS resources by using the AWS Identity and Access Management (IAM) Console. + +[id="additional_resources_{context}"] +[role="_additional-resources"] +== Additional resources + +* For information about using the ROSA deployment workflow to create a cluster that does not use AWS STS, see xref:../rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow]. diff --git a/rosa_getting_started/rosa_getting_started_sts/rosa-sts-interactive-mode-reference.adoc b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-interactive-mode-reference.adoc new file mode 100644 index 0000000000..23d68a9a9b --- /dev/null +++ b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-interactive-mode-reference.adoc @@ -0,0 +1,20 @@ +:_content-type: ASSEMBLY +[id="rosa-sts-interactive-mode-reference"] += Interactive cluster creation mode reference +include::_attributes/attributes-openshift-dedicated.adoc[] +:context: rosa-sts-interactive-mode-reference + +toc::[] + +This section provides an overview of the options that are presented when you use the interactive mode to create a cluster through the `rosa` CLI. + +include::modules/rosa-sts-interactive-mode-reference.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_rosa-sts-interactive-mode-reference"] +== Additional resources +* For a list of the supported maximums, see xref:../rosa_planning/rosa-limits-scalability.adoc#tested-cluster-maximums_rosa-limits-scalability[ROSA tested cluster maximums]. +* For detailed steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../rosa_getting_started/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS quickly]. +* For detailed steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../rosa_getting_started/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations]. +* For more information about etcd encryption, see the xref:../rosa_architecture/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition]. +* For an example VPC architecture, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prereqs[this sample VPC architecture]. diff --git a/rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc similarity index 63% rename from rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc rename to rosa_getting_started/rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc index 735caa809b..2ab8edaed0 100644 --- a/rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc +++ b/rosa_getting_started/rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc @@ -13,11 +13,11 @@ include::modules/rosa-sts-setting-up-environment.adoc[leveloffset=+1] [id="next-steps_rosa-sts-setting-up-environment"] == Next steps -* xref:../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. +* xref:../rosa_getting_started_sts/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started_sts/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. [id="additional-resources"] [role="_additional-resources"] == Additional resources -* xref:../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS Prerequisites] +* xref:../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS Prerequisites] * xref:../rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Required AWS service quotas and increase requests] diff --git a/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc b/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc deleted file mode 100644 index 768e2cebf3..0000000000 --- a/rosa_getting_started_sts/rosa-sts-getting-started-workflow.adoc +++ /dev/null @@ -1,35 +0,0 @@ -:_content-type: ASSEMBLY -[id="rosa-sts-understanding-the-deployment-workflow"] -= Understanding the ROSA with STS deployment workflow -include::_attributes/attributes-openshift-dedicated.adoc[] -:context: rosa-sts-overview-of-the-deployment-workflow - -toc::[] - -Before you create a {product-title} (ROSA) cluster, you must complete the AWS prerequisites, verify that the required AWS service quotas are available, and set up your environment. - -This document provides an overview of the ROSA with STS deployment workflow stages and refers to detailed resources for each stage. - -[id="rosa-sts-overview-of-the-deployment-workflow"] -== Overview of the ROSA with STS deployment workflow - -The AWS Security Token Service (STS) is a global web service that provides short-term credentials for IAM or federated users. You can use AWS STS with {product-title} (ROSA) to allocate temporary, limited-privilege credentials for component-specific IAM roles. The service enables cluster components to make AWS API calls using secure cloud resource management practices. - -You can follow the workflow stages outlined in this section to set up and access a ROSA cluster that uses STS. - -. xref:../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[Complete the AWS prerequisites for ROSA with STS]: To deploy a ROSA cluster with STS, your AWS account must meet the prerequisite requirements. -. xref:../rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas]. To prepare for your cluster deployment, review the AWS service quotas that are required to run a ROSA cluster. -. xref:../rosa_getting_started_sts/rosa-sts-setting-up-environment.adoc#rosa-sts-setting-up-environment[Set up the environment and install ROSA using STS]. Before you create a ROSA with STS cluster, you must enable ROSA in your AWS account, install and configure the required CLI tools, and verify the configuration of the CLI tools. You must also verify that the AWS Elastic Load Balancing (ELB) service role exists and that the required AWS resource quotas are available. -. xref:../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Create a ROSA cluster with STS quickly] or xref:../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[create a cluster using customizations]. Use the ROSA CLI (`rosa`) to create a cluster with STS. You can create a cluster by using the default options or you can apply customizations to suit the needs of your organization. -. xref:../rosa_getting_started_sts/rosa-sts-accessing-cluster.adoc#rosa-sts-accessing-cluster[Access your cluster]. You can configure an identity provider and grant cluster administrator privileges to the identity provider users as required. You can also access a newly deployed cluster quickly by configuring a `cluster-admin` user. -. xref:../rosa_getting_started_sts/rosa-sts-deleting-access-cluster.adoc#rosa-sts-deleting-access-cluster[Revoke access to a ROSA cluster for a user]. You can revoke access to a ROSA with STS cluster from a user by using the ROSA CLI or the web console. -. xref:../rosa_getting_started_sts/rosa-sts-deleting-cluster.adoc#rosa-sts-deleting-cluster[Delete a ROSA cluster]. You can delete a ROSA with STS cluster by using the ROSA CLI (`rosa`). After deleting a cluster, you can delete the STS resources by using the AWS Identity and Access Management (IAM) Console. - -[id="additional_resources_{context}"] -[role="_additional-resources"] -== Additional resources - -* For information about using the ROSA deployment workflow to create a cluster that does not use AWS STS, see xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow]. -* xref:../rosa_getting_started_sts/rosa-sts-config-identity-providers.adoc#rosa-sts-config-identity-providers[Configuring identity providers for STS] -* xref:../rosa_getting_started_sts/rosa-sts-deleting-cluster.adoc#rosa-sts-deleting-cluster[Deleting a cluster] -* xref:../rosa_getting_started_sts/rosa-sts-deleting-access-cluster.adoc#rosa-sts-deleting-access-cluster[Deleting access to a cluster] diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/images b/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/images deleted file mode 120000 index 5fa6987088..0000000000 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/images +++ /dev/null @@ -1 +0,0 @@ -../../images \ No newline at end of file diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/modules b/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/modules deleted file mode 120000 index 8b0e854007..0000000000 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/modules +++ /dev/null @@ -1 +0,0 @@ -../../modules \ No newline at end of file diff --git a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-interactive-mode-reference.adoc b/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-interactive-mode-reference.adoc deleted file mode 100644 index f58d91930c..0000000000 --- a/rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-interactive-mode-reference.adoc +++ /dev/null @@ -1,20 +0,0 @@ -:_content-type: ASSEMBLY -[id="rosa-sts-interactive-mode-reference"] -= Interactive cluster creation mode reference -include::_attributes/attributes-openshift-dedicated.adoc[] -:context: rosa-sts-interactive-mode-reference - -toc::[] - -This section provides an overview of the options that are presented when you use the interactive mode to create a cluster through the `rosa` CLI. - -include::modules/rosa-sts-interactive-mode-reference.adoc[leveloffset=+1] - -[role="_additional-resources"] -[id="additional-resources_rosa-sts-interactive-mode-reference"] -== Additional resources -* For a list of the supported maximums, see xref:../../rosa_planning/rosa-limits-scalability.adoc#tested-cluster-maximums_rosa-limits-scalability[ROSA tested cluster maximums]. -* For detailed steps to quickly create a ROSA cluster with STS, including the AWS IAM resources, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-quickly.adoc#rosa-sts-creating-a-cluster-quickly[Creating a ROSA cluster with STS quickly]. -* For detailed steps to create a ROSA cluster with STS using customizations, including the AWS IAM resources, see xref:../../rosa_getting_started_sts/rosa_creating_a_cluster_with_sts/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-a-cluster-with-customizations[Creating a ROSA cluster with STS using customizations]. -* For more information about etcd encryption, see the xref:../../rosa_policy/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition]. -* For an example VPC architecture, see xref:../../rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc#rosa-vpc_rosa-sts-aws-prerequisites[this sample VPC architecture]. diff --git a/rosa_glossary/images b/rosa_glossary/images new file mode 120000 index 0000000000..5e67573196 --- /dev/null +++ b/rosa_glossary/images @@ -0,0 +1 @@ +../images \ No newline at end of file diff --git a/rosa_glossary/modules b/rosa_glossary/modules new file mode 120000 index 0000000000..464b823aca --- /dev/null +++ b/rosa_glossary/modules @@ -0,0 +1 @@ +../modules \ No newline at end of file diff --git a/rosa_getting_started/rosa-aws-prereqs.adoc b/rosa_planning/rosa-aws-prereqs.adoc similarity index 58% rename from rosa_getting_started/rosa-aws-prereqs.adoc rename to rosa_planning/rosa-aws-prereqs.adoc index 477f04ce27..b065e3ac95 100644 --- a/rosa_getting_started/rosa-aws-prereqs.adoc +++ b/rosa_planning/rosa-aws-prereqs.adoc @@ -9,7 +9,7 @@ toc::[] {product-title} (ROSA) provides a model that allows Red Hat to deploy clusters into a customer’s existing Amazon Web Service (AWS) account. -You must ensure that the prerequisites are met before installing ROSA. This requirements document does not apply to AWS Security Token Service (STS). If you are using STS, see the link:https://docs.openshift.com/rosa/rosa_getting_started_sts/rosa-sts-aws-prereqs.html[STS-specific requirements]. +You must ensure that the prerequisites are met before installing ROSA. This requirements document does not apply to AWS Security Token Service (STS). If you are using STS, see the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-aws-prereqs_rosa-sts-aws-prereqs[STS-specific requirements]. include::modules/rosa-aws-understand.adoc[leveloffset=+1] include::modules/rosa-aws-requirements.adoc[leveloffset=+1] @@ -20,10 +20,10 @@ include::modules/rosa-aws-provisioned.adoc[leveloffset=+1] include::modules/osd-aws-privatelink-firewall-prerequisites.adoc[leveloffset=+1] == Next steps -xref:../rosa_getting_started/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Review the required AWS service quotas] +xref:../rosa_getting_started/rosa_getting_started_iam/rosa-required-aws-service-quotas.adoc#rosa-required-aws-service-quotas[Review the required AWS service quotas] [role="_additional-resources"] == Additional resources * See xref:../rosa_planning/rosa-limits-scalability.adoc#initial-planning-considerations_rosa-limits-scalability[Intial Planning Considerations] for guidance on worker node count. -* See xref:../rosa_policy/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red Hat OpenShift Service on AWS clusters] for information about how Red Hat site reliability engineering accesses ROSA clusters. -* xref:../rosa_getting_started/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] +* See xref:../rosa_architecture/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red Hat OpenShift Service on AWS clusters] for information about how Red Hat site reliability engineering accesses ROSA clusters. +* xref:../rosa_getting_started/rosa_getting_started_iam/rosa-getting-started-workflow.adoc#rosa-understanding-the-deployment-workflow[Understanding the ROSA deployment workflow] diff --git a/rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc b/rosa_planning/rosa-sts-aws-prereqs.adoc similarity index 74% rename from rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc rename to rosa_planning/rosa-sts-aws-prereqs.adoc index d200158b2b..11fb8f50b7 100644 --- a/rosa_getting_started_sts/rosa-sts-aws-prereqs.adoc +++ b/rosa_planning/rosa-sts-aws-prereqs.adoc @@ -1,10 +1,10 @@ :_content-type: ASSEMBLY include::_attributes/attributes-openshift-dedicated.adoc[] -:context: rosa-sts-aws-prerequisites - -[id="rosa-sts-aws-prerequisites"] +:context: rosa-sts-aws-prereqs +[id="rosa-sts-aws-prereqs"] = AWS prerequisites for ROSA with STS + toc::[] {product-title} (ROSA) provides a model that allows Red Hat to deploy clusters into a customer’s existing Amazon Web Service (AWS) account. @@ -25,9 +25,9 @@ include::modules/rosa-sts-aws-iam.adoc[leveloffset=+1] include::modules/rosa-aws-provisioned.adoc[leveloffset=+1] == Next steps -xref:../rosa_getting_started_sts/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas] +xref:../rosa_getting_started/rosa-sts-required-aws-service-quotas.adoc#rosa-sts-required-aws-service-quotas[Review the required AWS service quotas] [role="_additional-resources"] == Additional resources * See xref:../rosa_planning/rosa-limits-scalability.adoc#initial-planning-considerations_rosa-limits-scalability[Intial Planning Considerations] for guidance on worker node count. -* See xref:../rosa_policy/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red Hat OpenShift Service on AWS clusters] for information about how Red Hat site reliability engineering accesses ROSA clusters. +* See xref:../rosa_architecture/rosa-policy-process-security.adoc#rosa-policy-sre-access_rosa-policy-process-security[SRE access to all Red Hat OpenShift Service on AWS clusters] for information about how Red Hat site reliability engineering accesses ROSA clusters. diff --git a/rosa_release_notes/images b/rosa_release_notes/images new file mode 120000 index 0000000000..5e67573196 --- /dev/null +++ b/rosa_release_notes/images @@ -0,0 +1 @@ +../images \ No newline at end of file diff --git a/rosa_release_notes/modules b/rosa_release_notes/modules new file mode 120000 index 0000000000..464b823aca --- /dev/null +++ b/rosa_release_notes/modules @@ -0,0 +1 @@ +../modules \ No newline at end of file diff --git a/upgrading/rosa-upgrading-sts.adoc b/upgrading/rosa-upgrading-sts.adoc index ef131f29e8..86b7c1aabb 100644 --- a/upgrading/rosa-upgrading-sts.adoc +++ b/upgrading/rosa-upgrading-sts.adoc @@ -9,7 +9,7 @@ toc::[] [id="rosa-lifecycle-policy_{context}"] == Life cycle policies and planning -To plan an upgrade, review the xref:../rosa_policy/rosa-life-cycle.adoc#rosa-life-cycle[{product-title} update life cycle]. The life cycle page includes release definitions, support and upgrade requirements, installation policy information and life cycle dates. +To plan an upgrade, review the xref:../rosa_architecture/rosa-life-cycle.adoc#rosa-life-cycle[{product-title} update life cycle]. The life cycle page includes release definitions, support and upgrade requirements, installation policy information and life cycle dates. [id="rosa-sts-upgrading-a-cluster-with-sts"] == Upgrading a ROSA cluster that uses STS diff --git a/upgrading/rosa-upgrading.adoc b/upgrading/rosa-upgrading.adoc index a088d128f3..df6a11e02b 100644 --- a/upgrading/rosa-upgrading.adoc +++ b/upgrading/rosa-upgrading.adoc @@ -9,7 +9,7 @@ toc::[] [id="rosa-lifecycle-policy_{context}"] == Life cycle policies and planning -To plan an upgrade, review the xref:../rosa_policy/rosa-life-cycle.adoc#rosa-life-cycle[{product-title} update life cycle]. The life cycle page includes release definitions, support and upgrade requirements, installation policy information and life cycle dates. +To plan an upgrade, review the xref:../rosa_architecture/rosa-life-cycle.adoc#rosa-life-cycle[{product-title} update life cycle]. The life cycle page includes release definitions, support and upgrade requirements, installation policy information and life cycle dates. [id="rosa-sts-upgrading-a-cluster"] == Upgrading a ROSA cluster