mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 21:46:22 +01:00
topic map fix
This commit is contained in:
JoeAldinger
committed by
openshift-cherrypick-robot
openshift-cherrypick-robot
parent
fba7c6f5d4
commit
ccede4d0f0
@@ -749,10 +749,6 @@ Topics:
|
||||
File: dns-operator
|
||||
- Name: Ingress Operator in OpenShift Dedicated
|
||||
File: ingress-operator
|
||||
- Name: Network verification
|
||||
File: network-verification
|
||||
- Name: Configuring a cluster-wide proxy during installation
|
||||
File: configuring-cluster-wide-proxy
|
||||
- Name: Network security
|
||||
Dir: network_security
|
||||
Distros: openshift-dedicated
|
||||
@@ -773,15 +769,18 @@ Topics:
|
||||
File: deleting-network-policy
|
||||
- Name: Configuring multitenant isolation with network policy
|
||||
File: multitenant-network-policy
|
||||
- Name: Network verification
|
||||
File: network-verification
|
||||
- Name: OVN-Kubernetes network plugin
|
||||
Dir: ovn_kubernetes_network_provider
|
||||
Distros: openshift-dedicated
|
||||
Topics:
|
||||
- Name: About the OVN-Kubernetes network plugin
|
||||
File: about-ovn-kubernetes
|
||||
- Name: Migrating from the OpenShift SDN network plugin
|
||||
File: migrate-from-openshift-sdn-osd
|
||||
# - Name: Migrating from the OpenShift SDN network plugin
|
||||
# File: migrate-from-openshift-sdn
|
||||
- Name: Configuring a cluster-wide proxy during installation
|
||||
File: configuring-cluster-wide-proxy
|
||||
- Name: OpenShift SDN network plugin
|
||||
Dir: ovn_kubernetes_network_provider
|
||||
Topics:
|
||||
|
||||
@@ -1001,10 +1001,6 @@ Topics:
|
||||
File: ingress-operator
|
||||
- Name: Ingress Node Firewall Operator in Red Hat OpenShift Service on AWS
|
||||
File: ingress-node-firewall-operator
|
||||
- Name: Network verification
|
||||
File: network-verification
|
||||
- Name: Configuring a cluster-wide proxy during installation
|
||||
File: configuring-cluster-wide-proxy
|
||||
- Name: Network security
|
||||
Dir: network_security
|
||||
Distros: openshift-rosa
|
||||
@@ -1037,6 +1033,8 @@ Topics:
|
||||
File: default-network-policy
|
||||
- Name: Configuring multitenant isolation with network policy
|
||||
File: multitenant-network-policy
|
||||
- Name: Network verification
|
||||
File: network-verification
|
||||
- Name: Audit logging for network security
|
||||
File: logging-network-security
|
||||
- Name: OVN-Kubernetes network plugin
|
||||
@@ -1048,6 +1046,8 @@ Topics:
|
||||
File: configuring-egress-ips-ovn
|
||||
- Name: Migrating from OpenShift SDN network plugin to OVN-Kubernetes network plugin
|
||||
File: migrate-from-openshift-sdn
|
||||
- Name: Configuring a cluster-wide proxy during installation
|
||||
File: configuring-cluster-wide-proxy
|
||||
- Name: OpenShift SDN network plugin
|
||||
Dir: ovn_kubernetes_network_provider
|
||||
Topics:
|
||||
|
||||
@@ -38,10 +38,10 @@ The network verification includes checks for each of the following requirements:
|
||||
* The VPC has `enableDnsSupport` enabled.
|
||||
* The VPC has `enableDnsHostnames` enabled.
|
||||
ifdef::openshift-dedicated[]
|
||||
* Egress is available to the required domain and port combinations that are specified in the xref:../osd_planning/aws-ccs.adoc#osd-aws-privatelink-firewall-prerequisites_aws-ccs[AWS firewall prerequisites] section.
|
||||
* Egress is available to the required domain and port combinations that are specified in the xref:../../osd_planning/aws-ccs.adoc#osd-aws-privatelink-firewall-prerequisites_aws-ccs[AWS firewall prerequisites] section.
|
||||
endif::openshift-dedicated[]
|
||||
ifdef::openshift-rosa[]
|
||||
* Egress is available to the required domain and port combinations that are specified in the xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites] section.
|
||||
* Egress is available to the required domain and port combinations that are specified in the xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-classic-firewall-prerequisites_rosa-sts-aws-prereqs[AWS firewall prerequisites] section.
|
||||
endif::openshift-rosa[]
|
||||
|
||||
include::modules/automatic-network-verification-bypassing.adoc[leveloffset=+1]
|
||||
@@ -33,11 +33,11 @@ include::modules/cluster-wide-proxy-preqs.adoc[leveloffset=+1]
|
||||
.Additional resources
|
||||
|
||||
ifdef::openshift-rosa[]
|
||||
* For the installation prerequisites for ROSA clusters that use the AWS Security Token Service (STS), see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS].
|
||||
* For the installation prerequisites for ROSA clusters that do not use STS, see xref:../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites for ROSA].
|
||||
* For the installation prerequisites for ROSA clusters that use the AWS Security Token Service (STS), see xref:../../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prerequisites[AWS prerequisites for ROSA with STS].
|
||||
* For the installation prerequisites for ROSA clusters that do not use STS, see xref:../../rosa_install_access_delete_clusters/rosa_getting_started_iam/rosa-aws-prereqs.adoc#prerequisites[AWS prerequisites for ROSA].
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-dedicated[]
|
||||
* For the installation prerequisites for {product-title} clusters that use the Customer Cloud Subscription (CCS) model, see xref:../osd_planning/aws-ccs.adoc#aws-ccs[Customer Cloud Subscriptions on AWS] or xref:../osd_planning/gcp-ccs.adoc#gcp-ccs[Customer Cloud Subscriptions on GCP].
|
||||
* For the installation prerequisites for {product-title} clusters that use the Customer Cloud Subscription (CCS) model, see xref:../../osd_planning/aws-ccs.adoc#aws-ccs[Customer Cloud Subscriptions on AWS] or xref:../../osd_planning/gcp-ccs.adoc#gcp-ccs[Customer Cloud Subscriptions on GCP].
|
||||
endif::openshift-dedicated[]
|
||||
|
||||
include::modules/configuring-a-proxy-trust-bundle-responsibilities.adoc[leveloffset=+1]
|
||||
@@ -62,12 +62,12 @@ endif::openshift-rosa[]
|
||||
.Additional resources
|
||||
|
||||
ifdef::openshift-rosa[]
|
||||
* xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-customizations-ocm_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster with customizations by using OpenShift Cluster Manager]
|
||||
* xref:../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-customizations-cli_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster with customizations using the CLI]
|
||||
* xref:../../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-customizations-ocm_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster with customizations by using OpenShift Cluster Manager]
|
||||
* xref:../../rosa_install_access_delete_clusters/rosa-sts-creating-a-cluster-with-customizations.adoc#rosa-sts-creating-cluster-customizations-cli_rosa-sts-creating-a-cluster-with-customizations[Creating a cluster with customizations using the CLI]
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-dedicated[]
|
||||
* xref:../osd_aws_clusters/creating-an-aws-cluster.adoc#osd-create-aws-cluster-ccs_osd-creating-a-cluster-on-aws[Creating a cluster on AWS]
|
||||
* xref:../osd_gcp_clusters/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation authentication]
|
||||
* xref:../../osd_aws_clusters/creating-an-aws-cluster.adoc#osd-create-aws-cluster-ccs_osd-creating-a-cluster-on-aws[Creating a cluster on AWS]
|
||||
* xref:../../osd_gcp_clusters/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation authentication]
|
||||
endif::openshift-dedicated[]
|
||||
|
||||
[id="configuring-a-proxy-after-installation_{context}"]
|
||||
@@ -1,28 +0,0 @@
|
||||
:_mod-docs-content-type: ASSEMBLY
|
||||
[id="using-cookies-to-keep-route-statefulness"]
|
||||
= Using cookies to keep route statefulness
|
||||
{product-author}
|
||||
{product-version}
|
||||
:data-uri:
|
||||
:icons:
|
||||
:experimental:
|
||||
:toc: macro
|
||||
:toc-title:
|
||||
:prewrap!:
|
||||
:context: using-cookies-to-keep-route-statefulness
|
||||
|
||||
toc::[]
|
||||
|
||||
{product-title} provides sticky sessions, which enables stateful application
|
||||
traffic by ensuring all traffic hits the same endpoint. However, if the endpoint
|
||||
pod terminates, whether through restart, scaling, or a change in configuration,
|
||||
this statefulness can disappear.
|
||||
|
||||
{product-title} can use cookies to configure session persistence. The router
|
||||
selects an endpoint to handle any user requests, and creates a cookie for the
|
||||
session. The cookie is passed back in the response to the request and the user
|
||||
sends the cookie back with the next request in the session. The cookie tells the
|
||||
router which endpoint is handling the session, ensuring that client requests use
|
||||
the cookie so that they are routed to the same pod.
|
||||
|
||||
include::modules/annotating-a-route-with-a-cookie-name.adoc[leveloffset=+1]
|
||||
@@ -16,7 +16,7 @@ ifndef::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
|
||||
* xref:../../networking/configuring_network_settings/enable-cluster-wide-proxy.adoc#enable-cluster-wide-proxy[Configuring the cluster-wide proxy]
|
||||
endif::openshift-dedicated,openshift-rosa,openshift-rosa-hcp[]
|
||||
ifdef::openshift-dedicated,openshift-rosa[]
|
||||
* xref:../../networking/configuring-cluster-wide-proxy.adoc#configuring-cluster-wide-proxy[Configuring a cluster-wide proxy]
|
||||
* xref:../../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-cluster-wide-proxy[Configuring a cluster-wide proxy]
|
||||
endif::openshift-dedicated,openshift-rosa[]
|
||||
|
||||
// This xref points to a topic that is not currently included in the OSD and ROSA docs.
|
||||
|
||||
@@ -35,7 +35,7 @@ include::modules/sdpolicy-networking.adoc[leveloffset=+1]
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* For more information about the network verification checks, see xref:../../networking/network-verification.adoc#network-verification[Network verification].
|
||||
* For more information about the network verification checks, see xref:../../networking/network_security/network-verification.adoc#network-verification[Network verification].
|
||||
|
||||
include::modules/sdpolicy-storage.adoc[leveloffset=+1]
|
||||
include::modules/sdpolicy-platform.adoc[leveloffset=+1]
|
||||
|
||||
@@ -20,7 +20,7 @@ include::modules/osd-create-cluster-ccs-aws.adoc[leveloffset=+1]
|
||||
[id="additional-resources_{context}"]
|
||||
== Additional resources
|
||||
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For details about the AWS service control policies required for CCS deployments, see xref:../osd_planning/aws-ccs.adoc#ccs-aws-scp_aws-ccs[Minimum required service control policy (SCP)].
|
||||
* For information about persistent storage for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#sdpolicy-storage_osd-service-definition[Storage] section in the {product-title} service definition.
|
||||
* For information about load balancers for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#load-balancers_osd-service-definition[Load balancers] section in the {product-title} service definition.
|
||||
|
||||
@@ -29,7 +29,7 @@ include::modules/osd-create-cluster-ccs.adoc[leveloffset=+1]
|
||||
* For information about Workload Identity Federation, see xref:../osd_gcp_clusters/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation authentication].
|
||||
|
||||
* For information about Private Service Connect (PSC), see xref:../osd_gcp_clusters/creating-a-gcp-psc-enabled-private-cluster.adoc#creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview].
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For information about persistent storage for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#sdpolicy-storage_osd-service-definition[Storage] section in the {product-title} service definition.
|
||||
* For information about load balancers for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#load-balancers_osd-service-definition[Load balancers] section in the {product-title} service definition.
|
||||
* For more information about etcd encryption, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#etcd-encryption_osd-service-definition[etcd encryption service definition].
|
||||
|
||||
@@ -20,7 +20,7 @@ include::modules/osd-create-cluster-ccs-aws.adoc[leveloffset=+1]
|
||||
[id="additional-resources_{context}"]
|
||||
== Additional resources
|
||||
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For information about configuring a proxy with {product-title}, see xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For details about the AWS service control policies required for CCS deployments, see xref:../osd_planning/aws-ccs.adoc#ccs-aws-scp_aws-ccs[Minimum required service control policy (SCP)].
|
||||
* For information about persistent storage for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#sdpolicy-storage_osd-service-definition[Storage] section in the {product-title} service definition.
|
||||
* For information about load balancers for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#load-balancers_osd-service-definition[Load balancers] section in the {product-title} service definition.
|
||||
|
||||
@@ -51,7 +51,7 @@ ifdef::openshift-rosa-hcp[]
|
||||
link:https://docs.openshift.com/rosa/networking/network-verification.html#network-verification[Network verification].
|
||||
endif::openshift-rosa-hcp[]
|
||||
ifndef::openshift-rosa-hcp[]
|
||||
xref:../../networking/network-verification.adoc#network-verification[Network verification].
|
||||
xref:../../networking/network_security/network-verification.adoc#network-verification[Network verification].
|
||||
endif::openshift-rosa-hcp[]
|
||||
|
||||
include::modules/rosa-sdpolicy-storage.adoc[leveloffset=+1]
|
||||
|
||||
@@ -66,12 +66,12 @@ include::modules/rosa-sdpolicy-networking.adoc[leveloffset=+1]
|
||||
[role="_additional-resources"]
|
||||
.Additional resources
|
||||
|
||||
* For more information about the network verification checks, see
|
||||
* For more information about the network verification checks, see
|
||||
ifdef::openshift-rosa-hcp[]
|
||||
link:https://docs.openshift.com/rosa/networking/network-verification.html#network-verification[Network verification].
|
||||
endif::openshift-rosa-hcp[]
|
||||
ifndef::openshift-rosa-hcp[]
|
||||
xref:../../networking/network-verification.adoc#network-verification[Network verification].
|
||||
xref:../../networking/network_security/network-verification.adoc#network-verification[Network verification].
|
||||
endif::openshift-rosa-hcp[]
|
||||
|
||||
include::modules/rosa-sdpolicy-storage.adoc[leveloffset=+1]
|
||||
|
||||
@@ -81,6 +81,6 @@ include::modules/rosa-sts-creating-a-cluster-with-customizations-cli.adoc[levelo
|
||||
* For information about the prerequisites to installing ROSA with STS, see xref:../rosa_planning/rosa-sts-aws-prereqs.adoc#rosa-sts-aws-prereqs[AWS prerequisites for ROSA with STS].
|
||||
* For more information about using OpenID Connect (OIDC) identity providers in AWS IAM, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html[Creating OpenID Connect (OIDC) identity providers] in the AWS documentation.
|
||||
* For more information about etcd encryption, see the xref:../rosa_architecture/rosa_policy_service_definition/rosa-service-definition.adoc#rosa-sdpolicy-etcd-encryption_rosa-service-definition[etcd encryption service definition].
|
||||
* For information about configuring a proxy with ROSA, see xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For information about configuring a proxy with ROSA, see xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
|
||||
* For more information about troubleshooting ROSA cluster installations, see xref:../support/troubleshooting/rosa-troubleshooting-deployments.adoc#rosa-troubleshooting-cluster-deployments[Troubleshooting cluster deployments].
|
||||
* For steps to contact Red{nbsp}Hat Support for assistance, see xref:../support/getting-support.adoc#getting-support[Getting support for Red{nbsp}Hat OpenShift Service on AWS].
|
||||
|
||||
@@ -124,12 +124,12 @@ $ rosa whoami
|
||||
|
||||
=== OpenShift CLI (`oc`)
|
||||
|
||||
The OpenShift CLI (`oc`) is not required to deploy a
|
||||
The OpenShift CLI (`oc`) is not required to deploy a
|
||||
ifdef::openshift-rosa[]
|
||||
{rosa-classic-short}
|
||||
{rosa-classic-short}
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-rosa-hcp[]
|
||||
{rosa-short}
|
||||
{rosa-short}
|
||||
endif::openshift-rosa-hcp[]
|
||||
cluster, but is a useful tool for interacting with your cluster after it is deployed.
|
||||
|
||||
@@ -164,20 +164,20 @@ endif::openshift-rosa-hcp[]
|
||||
== Service Control Policy (SCP) prerequisites
|
||||
|
||||
ifdef::openshift-rosa[]
|
||||
{rosa-classic-short}
|
||||
{rosa-classic-short}
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-rosa-hcp[]
|
||||
{rosa-short}
|
||||
{rosa-short}
|
||||
endif::openshift-rosa-hcp[]
|
||||
clusters are hosted in an AWS account within an AWS organizational unit. A link:https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html[service control policy (SCP)] is created and applied to the AWS organizational unit that manages what services the AWS sub-accounts are permitted to access.
|
||||
|
||||
* Ensure that your organization's SCPs are not more restrictive than the roles and policies required by the cluster. For more information, see the xref:../rosa_architecture/rosa-sts-about-iam-resources.adoc#rosa-minimum-scp_rosa-sts-about-iam-resources[Minimum set of effective permissions for SCPs].
|
||||
* When you create a
|
||||
* When you create a
|
||||
ifdef::openshift-rosa[]
|
||||
{rosa-classic-short}
|
||||
{rosa-classic-short}
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-rosa-hcp[]
|
||||
{rosa-short}
|
||||
{rosa-short}
|
||||
endif::openshift-rosa-hcp[]
|
||||
cluster, an associated AWS OpenID Connect (OIDC) identity provider is created.
|
||||
|
||||
@@ -220,7 +220,7 @@ If you choose to deploy a PrivateLink cluster, then be sure to deploy the cluste
|
||||
** Ensure that the cluster can egress either through NAT gateway in public subnet or through transit gateway.
|
||||
** Ensure whatever UDR you would like to follow is set up.
|
||||
* You can also configure a cluster-wide proxy during or after install.
|
||||
xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-cluster-wide-proxy[Configuring a cluster-wide proxy] for more details.
|
||||
xref:../networking/ovn_kubernetes_network_provider/configuring-cluster-wide-proxy.adoc#configuring-cluster-wide-proxy[Configuring a cluster-wide proxy] for more details.
|
||||
|
||||
[NOTE]
|
||||
====
|
||||
@@ -261,12 +261,12 @@ endif::openshift-rosa-hcp[]
|
||||
You can configure a custom domain name server and custom domain name for your cluster. To do so, complete the following prerequisites before you create the cluster:
|
||||
|
||||
//TODO OSDOCS-11789: Needs verification from mmcneill
|
||||
* By default,
|
||||
* By default,
|
||||
ifdef::openshift-rosa[]
|
||||
{rosa-classic-short}
|
||||
{rosa-classic-short}
|
||||
endif::openshift-rosa[]
|
||||
ifdef::openshift-rosa-hcp[]
|
||||
{rosa-short}
|
||||
{rosa-short}
|
||||
endif::openshift-rosa-hcp[]
|
||||
clusters require you to set the `domain name servers` option to `AmazonProvidedDNS` to ensure successful cluster creation and operation.
|
||||
* To use a custom DNS server and domain name for your cluster, the ROSA installer must be able to use VPC DNS with default DHCP options so that it can resolve internal IPs and services. This means that you must create a custom DHCP option set to forward DNS lookups to your DNS server, and associate this option set with your VPC before you create the cluster.
|
||||
|
||||
Reference in New Issue
Block a user