mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 09:46:53 +01:00
shared VPC GPC
committed by
openshift-cherrypick-robot
parent
5fdaf35341
commit
efa5b2ba7b
@@ -19,3 +19,8 @@ You can delete your {product-title} cluster in {cluster-manager-first}.
|
||||
. Select *Delete cluster* from the *Actions* drop-down menu.
|
||||
|
||||
. Type the name of the cluster highlighted in bold, then click *Delete*. Cluster deletion occurs automatically.
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If you delete a cluster that was installed into a GCP shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
|
||||
====
|
||||
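Review bot: The new [NOTE] after the *Delete* step asks the Shared VPC Admin to remove "the IAM policy roles granted to the service account" without naming the roles or saying how to identify the service account. The create-cluster module in this same commit lists the three roles granted on the host project, so repeat that list or cross-reference it here; otherwise the cleanup depends on the admin remembering what was granted, and leftover role bindings on the host project are easy to miss. The same paragraph is also added verbatim to the create-cluster module, so a shared snippet would keep the two copies from drifting.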
@@ -204,14 +204,35 @@ The *Use a PrivateLink* option cannot be changed after a cluster is created.
|
||||
+
|
||||
.. If you are installing into an existing VPC and you want to enable an HTTP or HTTPS proxy for your cluster, select *Configure a cluster-wide proxy*.
|
||||
endif::osd-on-aws[]
|
||||
|
||||
ifdef::osd-on-gcp[]
|
||||
. Optional: To install the cluster in an existing GCP Virtual Private Cloud (VPC):
|
||||
.. Select *Install into an existing VPC*.
|
||||
.. If you are installing into an existing VPC and you want to enable an HTTP or HTTPS proxy for your cluster, select *Configure a cluster-wide proxy*.
|
||||
endif::osd-on-gcp[]
|
||||
|
||||
+
|
||||
. Click *Next*.
|
||||
|
||||
ifdef::osd-on-gcp[]
|
||||
. Optional: To install the cluster into a GCP shared VPC:
|
||||
+
|
||||
[IMPORTANT]
|
||||
====
|
||||
|
||||
To install a cluster into a shared VPC, you must use {product-title} version 4.13.15 or above. Additionally, the shared VPC administrator must enable a project as a host project in their Google Cloud console. For more information, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#set-up-shared-vpc[Enable a host project].
|
||||
====
|
||||
|
||||
.. Select *Install into GCP shared VPC*.
|
||||
.. Specify the **Host project ID**. If the specified host project ID is incorrect, cluster creation fails.
|
||||
+
|
||||
[IMPORTANT]
|
||||
====
|
||||
Once you complete the steps within the cluster configuration wizard and click **Create Cluster**, the cluster will go into the "Installation Waiting" state. At this point, you must contact the Shared VPC Admin of the host project, who must assign the dynamically-generated service account the following roles: **Computer Network Administrator**, **Compute Security Administrator**, and **DNS Administrator**.
|
||||
The Shared VPC Admin of the host project has 30 days to grant the listed permissions before the cluster creation fails.
|
||||
For information about GCP shared VPC permissions, see link:https://cloud.google.com/vpc/docs/provisioning-shared-vpc#migs-service-accounts[Provision Shared VPC].
|
||||
====
|
||||
endif::osd-on-gcp[]
|
||||
+
|
||||
. If you opted to install the cluster in an existing
|
||||
ifdef::osd-on-aws[]
|
||||
AWS
|
||||
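Review bot: In the second [IMPORTANT] block, "**Computer Network Administrator**" looks like a typo for "Compute Network Administrator"; the next role in the same sentence is spelled "Compute Security Administrator". The Shared VPC Admin has to match these names against what the Google Cloud console shows, so please check all three role names against the console wording. Two smaller points: the GCP sub-step repeats "If you are installing into an existing VPC" directly under a parent step that already says so, and the new lines use `**bold**` where the surrounding steps use `*bold*`.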
@@ -219,7 +240,8 @@ endif::osd-on-aws[]
|
||||
ifdef::osd-on-gcp[]
|
||||
GCP
|
||||
endif::osd-on-gcp[]
|
||||
VPC, provide your *Virtual Private Cloud (VPC) subnet settings* and select *Next*. You must have created the Cloud network address translation (NAT) and a Cloud router. See the additional resources for information about Cloud NATs and Google VPCs.
|
||||
VPC, provide your *Virtual Private Cloud (VPC) subnet settings* and select *Next*.
|
||||
You must have created the Cloud network address translation (NAT) and a Cloud router. See the additional resources for information about Cloud NATs and Google VPCs.
|
||||
ifdef::osd-on-aws[]
|
||||
+
|
||||
[NOTE]
|
||||
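Review bot: After the split, the line "You must have created the Cloud network address translation (NAT) and a Cloud router." sits after `endif::osd-on-gcp[]` and before `ifdef::osd-on-aws[]`, so as far as this hunk shows it is outside any conditional and would also render in the AWS build, where Cloud NAT and Cloud router do not apply. Wrap that line and the "See the additional resources" sentence in `ifdef::osd-on-gcp[]`.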
@@ -227,7 +249,13 @@ ifdef::osd-on-aws[]
|
||||
You must ensure that your VPC is configured with a public and a private subnet for each availability zone that you want the cluster installed into. If you opted to use PrivateLink, only private subnets are required.
|
||||
====
|
||||
endif::osd-on-aws[]
|
||||
|
||||
ifdef::osd-on-gcp[]
|
||||
+
|
||||
[NOTE]
|
||||
====
|
||||
If you are installing a cluster into a GCP shared VPC, the VPC name and subnets are shared from the host project.
|
||||
====
|
||||
endif::osd-on-gcp[]
|
||||
. If you opted to configure a cluster-wide proxy, provide your proxy configuration details on the *Cluster-wide proxy* page:
|
||||
+
|
||||
--
|
||||
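Review bot: The GCP [NOTE] says the VPC name and subnets "are shared from the host project" but does not tell the reader what to enter in the *Virtual Private Cloud (VPC) subnet settings* fields from the preceding step. Say explicitly that the VPC and subnet names must be the ones defined in the host project and that the reader should get them from the Shared VPC Admin, since a mismatch here is not caught until installation.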
@@ -284,6 +312,13 @@ In the event of critical security concerns that significantly impact the securit
|
||||
====
|
||||
|
||||
. Review the summary of your selections and click *Create cluster* to start the cluster installation. The installation takes approximately 30-40 minutes to complete.
|
||||
+
|
||||
ifdef::osd-on-gcp[]
|
||||
[NOTE]
|
||||
====
|
||||
If you delete a cluster that was installed into a GCP shared VPC, inform the Shared VPC Admin of the host project to remove the IAM policy roles granted to the service account that was referenced during cluster creation.
|
||||
====
|
||||
endif::osd-on-gcp[]
|
||||
|
||||
.Verification
|
||||
|
||||
|
||||
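Review bot: The `+` list continuation after the *Create cluster* step is outside `ifdef::osd-on-gcp[]` while the [NOTE] it attaches is inside, so in a non-GCP build the `+` is left dangling directly before `.Verification`. Move the `+` inside the conditional, as the earlier GCP note in this file does. Separately, a note about deleting a cluster reads oddly at the end of the create procedure; consider rewording it as a forward pointer to the delete procedure.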