mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
157 lines
8.1 KiB
Plaintext
157 lines
8.1 KiB
Plaintext
:_mod-docs-content-type: ASSEMBLY
|
|
include::_attributes/common-attributes.adoc[]
|
|
[id="installing-gcp-customizations"]
|
|
= Installing a cluster on {gcp-short} with customizations
|
|
:context: installing-gcp-customizations
|
|
:platform: {gcp-short}
|
|
|
|
toc::[]
|
|
|
|
In {product-title} version {product-version}, you can install a cluster on {gcp-first} by using installer-provisioned infrastructure with customizations, including network configuration options. In each, you modify parameters in the `install-config.yaml` file before you install the cluster.
|
|
|
|
By customizing your network configuration, your cluster can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations.
|
|
|
|
You must set most of the network configuration parameters during installation, and you can modify only `kubeProxy` configuration parameters in a running cluster.
|
|
|
|
== Prerequisites
|
|
|
|
* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes.
|
|
* You read the documentation on xref:../../installing/overview/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users].
|
|
* You xref:../../installing/installing_gcp/installing-gcp-account.adoc#installing-gcp-account[configured a {gcp-short} project] to host the cluster.
|
|
* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to.
|
|
|
|
include::modules/cluster-entitlements.adoc[leveloffset=+1]
|
|
|
|
include::modules/ssh-agent-using.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-obtaining-installer.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-initializing.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for {gcp-first}]
|
|
|
|
include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* xref:../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage]
|
|
|
|
include::modules/installation-gcp-tested-machine-types.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-gcp-tested-machine-types-arm.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-using-gcp-custom-machine-types.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-gcp-enabling-shielded-vms.adoc[leveloffset=+2]
|
|
|
|
include::modules/installation-gcp-enabling-confidential-vms.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-configuration-parameters-additional-gcp_installation-config-parameters-gcp[Additional {gcp-first} configuration parameters]
|
|
|
|
include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-configuration-parameters-additional-gcp_installation-config-parameters-gcp[Additional {gcp-first} configuration parameters]
|
|
|
|
include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* xref:../../machine_management/creating_machinesets/creating-machineset-gcp.adoc#machineset-enabling-customer-managed-encryption_creating-machineset-gcp[Enabling customer-managed encryption keys for a compute machine set]
|
|
|
|
include::modules/installation-configure-proxy.adoc[leveloffset=+2]
|
|
|
|
include::modules/installing-gcp-user-defined-labels-and-tags.adoc[leveloffset=+1]
|
|
|
|
// Criteria for user-defined labels and tags
|
|
include::modules/installing-gcp-cluster-label-tag-reference.adoc[leveloffset=+2]
|
|
|
|
//Configuring user-defined labels and tags for GCP
|
|
include::modules/installing-gcp-cluster-creation.adoc[leveloffset=+2]
|
|
|
|
//Querying user-defined labels and tags for GCP
|
|
include::modules/installing-gcp-querying-labels-tags-gcp.adoc[leveloffset=+2]
|
|
|
|
// Installing the OpenShift CLI on Linux
|
|
include::modules/cli-installing-cli-linux.adoc[leveloffset=+1]
|
|
|
|
// Installing the OpenShift CLI on Windows
|
|
include::modules/cli-installing-cli-windows.adoc[leveloffset=+1]
|
|
|
|
// Installing the OpenShift CLI on macOS
|
|
include::modules/cli-installing-cli-macos.adoc[leveloffset=+1]
|
|
|
|
[id="installing-gcp-manual-modes_{context}"]
|
|
== Alternatives to storing administrator-level secrets in the kube-system project
|
|
|
|
By default, administrator secrets are stored in the `kube-system` project. If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives:
|
|
|
|
* To manage long-term cloud credentials manually, follow the procedure in xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#manually-create-iam_installing-gcp-customizations[Manually creating long-term credentials].
|
|
|
|
* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in xref:../../installing/installing_gcp/installing-gcp-customizations.adoc#installing-gcp-with-short-term-creds_installing-gcp-customizations[Configuring a {gcp-short} cluster to use short-term credentials].
|
|
|
|
//Manually creating long-term credentials
|
|
include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
|
|
|
|
//Supertask: Configuring a GCP cluster to use short-term credentials
|
|
[id="installing-gcp-with-short-term-creds_{context}"]
|
|
=== Configuring a {gcp-short} cluster to use short-term credentials
|
|
|
|
To install a cluster that is configured to use {gcp-short} Workload Identity, you must configure the Cloud Credential Operator (CCO) utility and create the required {gcp-short} resources for your cluster. Cluster Operators use the credentials created by the CCO. The installation program does not use these credentials.
|
|
|
|
//Task part 1: Configuring the Cloud Credential Operator utility
|
|
include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
|
|
|
|
//Task part 2: Creating the required GCP resources
|
|
include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
|
|
|
|
//Restricting service account impersonation to the compute nodes service account
|
|
include::modules/restricting-sa-impersonation-compute-sa-gcp.adoc[leveloffset=+3]
|
|
|
|
//Task part 3: Incorporating the Cloud Credential Operator utility manifests
|
|
include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]
|
|
|
|
include::modules/installation-gcp-marketplace.adoc[leveloffset=+1]
|
|
|
|
// Network Operator specific configuration
|
|
include::modules/nw-network-config.adoc[leveloffset=+1]
|
|
|
|
include::modules/nw-modifying-operator-install-config.adoc[leveloffset=+1]
|
|
|
|
include::modules/nw-operator-cr.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-launching-installer.adoc[leveloffset=+1]
|
|
|
|
include::modules/installation-gcp-provisioning-dns-records.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-configuration-parameters-additional-gcp_installation-config-parameters-gcp[Additional {gcp-first} configuration parameters]
|
|
|
|
include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* See xref:../../web_console/web-console.adoc#web-console[Accessing the web console] for more details about accessing and understanding the {product-title} web console.
|
|
|
|
include::modules/cluster-telemetry.adoc[leveloffset=+1]
|
|
|
|
[role="_additional-resources"]
|
|
.Additional resources
|
|
|
|
* See xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service
|
|
|
|
== Next steps
|
|
|
|
* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster].
|
|
* If necessary, you can
|
|
xref:../../support/remote_health_monitoring/remote-health-reporting.adoc#remote-health-reporting[Remote health reporting].
|