mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
189 lines
10 KiB
Plaintext
189 lines
10 KiB
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
[id="installing-aws-user-infra"]
|
|
= Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates
|
|
include::_attributes/common-attributes.adoc[]
|
|
:context: installing-aws-user-infra
|
|
:platform: AWS
|
|
|
|
toc::[]
|
|
|
|
In {product-title} version {product-version}, you can install a cluster on Amazon Web Services (AWS) that uses infrastructure that you provide.
|
|
|
|
One way to create this infrastructure is to use the provided CloudFormation templates. You can modify the templates to customize your infrastructure or use the information that they contain to create AWS objects according to your company's policies.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
The steps for performing a user-provisioned infrastructure installation are provided as an example only. Installing a cluster with infrastructure you provide requires knowledge of the cloud provider and the installation process of {product-title}. Several CloudFormation templates are provided to assist in completing these steps or to help model your own. You are also free to create the required resources through other methods; the templates are just an example.
|
|
====
|
|
|
|
== Prerequisites
|
|
|
|
* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes.
|
|
* You read the documentation on xref:../../../installing/overview/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users].
|
|
* You xref:../../../installing/installing_aws/installing-aws-account.adoc#installing-aws-account[configured an AWS account] to host the cluster.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
If you have an AWS profile stored on your computer, it must not use a temporary session token that you generated while using a multi-factor authentication device. The cluster continues to use your current AWS credentials to create AWS resources for the entire life of the cluster, so you must use key-based, long-term credentials. To generate appropriate keys, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html[Managing Access Keys for IAM Users] in the AWS documentation. You can supply the keys when you run the installation program.
|
|
====
|
|
* You xref:../../../installing/installing_aws/upi/upi-aws-installation-reqs#upi-aws-installation-reqs[prepared the user-provisioned infrastructure.]
|
|
* You downloaded the AWS CLI and installed it on your computer. See link:https://docs.aws.amazon.com/cli/latest/userguide/install-bundle.html[Install the AWS CLI Using the Bundled Installer (Linux, macOS, or UNIX)] in the AWS documentation.
|
|
* If you use a firewall, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to.
|
|
+
|
|
[NOTE]
|
|
====
|
|
Be sure to also review this site list if you are configuring a proxy.
|
|
====
|
|
* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, you can xref:../../../installing/installing_aws/ipi/installing-aws-customizations.adoc#manually-create-iam_installing-aws-customizations[manually create and maintain long-term credentials].
|
|
|
|
include::modules/installation-user-infra-generate.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-disk-partitioning-upi-templates.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-generate-aws-user-infra-install-config.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* See link:https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html[Configuration and credential file settings] in the AWS documentation for more information about AWS profile and credential configuration.
|
|
|
|
include::modules/installation-configure-proxy.adoc[leveloffset=+2]
|
|
|
|
//include::modules/installation-three-node-cluster.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-user-infra-generate-k8s-manifest-ignition.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-extracting-infraid.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-creating-aws-vpc.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-cloudformation-vpc.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
include::modules/installation-creating-aws-dns.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-cloudformation-dns.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
* You can view details about your hosted zones by navigating to the link:https://console.aws.amazon.com/route53/[AWS Route 53 console].
|
|
|
|
* link:https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ListInfoOnHostedZone.html[Listing public hosted zones({aws-short} documentation)]
|
|
|
|
include::modules/installation-creating-aws-security.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-cloudformation-security.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
include::modules/installation-aws-ami-stream-metadata.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-aws-user-infra-rhcos-ami.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-aws-regions-with-no-ami.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-aws-upload-custom-rhcos-ami.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-creating-aws-bootstrap.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-cloudformation-bootstrap.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
* xref:../../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installation-aws-user-infra-rhcos-ami_installing-aws-user-infra[{op-system} AMIs for the AWS infrastructure]
|
|
|
|
include::modules/installation-creating-aws-control-plane.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-cloudformation-control-plane.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
include::modules/installation-creating-aws-worker.adoc[leveloffset=+1]
|
|
|
|
////
|
|
[id="installing-workers-aws-user-infra"]
|
|
== Creating worker nodes
|
|
|
|
You can either manually create worker nodes or use a MachineSet to create worker
|
|
nodes after the cluster deploys. If you use a MachineSet to create and maintain
|
|
the workers, you can allow the cluster to manage them. This allows you to easily
|
|
scale, manage, and upgrade your workers.
|
|
////
|
|
|
|
include::modules/installation-cloudformation-worker.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* You can view details about the CloudFormation stacks that you create by navigating to the link:https://console.aws.amazon.com/cloudformation/[AWS CloudFormation console].
|
|
|
|
include::modules/installation-aws-creating-cloudformation-stack-compute.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-aws-user-infra-bootstrap.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#monitoring-installation-progress_troubleshooting-installations[Monitoring installation progress] for details about monitoring the installation, bootstrap, and control plane logs as an {product-title} installation progresses.
|
|
|
|
* See xref:../../../support/troubleshooting/troubleshooting-installations.adoc#gathering-bootstrap-diagnostic-data_troubleshooting-installations[Gathering bootstrap node diagnostic data] for information about troubleshooting issues related to the bootstrap process.
|
|
|
|
* You can view details about the running instances that are created by using the link:https://console.aws.amazon.com/ec2[AWS EC2 console].
|
|
|
|
include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-approve-csrs.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-operators-config.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-registry-storage-config.adoc[leveloffset=+2]
|
|
|
|
You can configure registry storage for user-provisioned infrastructure in AWS to deploy {product-title} to hidden regions. See xref:../../../registry/configuring_registry_storage/configuring-registry-storage-aws-user-infrastructure.adoc#configuring-registry-storage-aws-user-infrastructure[Configuring the registry for AWS user-provisioned infrastructure] for more information.
|
|
|
|
include::modules/registry-configuring-storage-aws-user-infra.adoc[leveloffset=+3]
|
|
|
|
include::modules/installation-registry-storage-non-production.adoc[leveloffset=+3]
|
|
|
|
include::modules/installation-aws-user-infra-delete-bootstrap.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-create-ingress-dns-records.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-aws-user-infra-installation.adoc[leveloffset=+1]
|
|
|
|
include::modules/logging-in-by-using-the-web-console.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* xref:../../../web_console/web-console.adoc#web-console[Accessing the web console]
|
|
|
|
[role="_additional-resources"]
|
|
[id="installing-aws-user-infra-additional-resources"]
|
|
== Additional resources
|
|
|
|
* link:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html[Working with stacks({aws-short} documentation)]
|
|
|
|
[id="installing-aws-user-infra-next-steps"]
|
|
== Next steps
|
|
|
|
* xref:../../../installing/validation_and_troubleshooting/validating-an-installation.adoc#validating-an-installation[Validating an installation].
|
|
* xref:../../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster].
|
|
* If necessary, you can xref:../../../support/remote_health_monitoring/remote-health-reporting.adoc#remote-health-reporting[Remote health reporting].
|
|
* If necessary, you can xref:../../../post_installation_configuration/changing-cloud-credentials-configuration.adoc#manually-removing-cloud-creds_changing-cloud-credentials-configuration[remove cloud provider credentials].
|