mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
52 lines
2.4 KiB
Plaintext
52 lines
2.4 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * hosted-control-planes/hcp-deploy/hcp-deploy-aws.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="hcp-create-private-hc-aws_{context}"]
|
|
= Creating a private hosted cluster on {aws-short}
|
|
|
|
After you enable the `local-cluster` as the hosting cluster, you can deploy a hosted cluster or a private hosted cluster on {aws-first}.
|
|
|
|
By default, hosted clusters are publicly accessible through public DNS and the default router for the management cluster.
|
|
|
|
For private clusters on {aws-short}, all communication with the hosted cluster occurs over {aws-short} PrivateLink.
|
|
|
|
.Prerequisites
|
|
|
|
* You enabled {aws-short} PrivateLink. For more information, see "Enabling {aws-short} PrivateLink".
|
|
|
|
* You created an {aws-short} Identity and Access Management (IAM) role and {aws-short} Security Token Service (STS) credentials. For more information, see "Creating an {aws-short} IAM role and STS credentials" and "Identity and Access Management (IAM) permissions".
|
|
|
|
* You configured a link:https://aws.amazon.com/solutions/implementations/linux-bastion[bastion instance on {aws-short}].
|
|
|
|
.Procedure
|
|
|
|
* Create a private hosted cluster on {aws-short} by entering the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ hcp create cluster aws \
|
|
--name <hosted_cluster_name> \// <1>
|
|
--node-pool-replicas=<node_pool_replica_count> \// <2>
|
|
--base-domain <basedomain> \// <3>
|
|
--pull-secret <path_to_pull_secret> \// <4>
|
|
--sts-creds <path_to_sts_credential_file> \// <5>
|
|
--region <region> \// <6>
|
|
--endpoint-access Private \// <7>
|
|
--role-arn <role_name> <8>
|
|
----
|
|
<1> Specify the name of your hosted cluster, for instance, `example`.
|
|
<2> Specify the node pool replica count, for example, `3`.
|
|
<3> Specify your base domain, for example, `example.com`.
|
|
<4> Specify the path to your pull secret, for example, `/user/name/pullsecret`.
|
|
<5> Specify the path to your {aws-short} STS credentials file, for example, `/home/user/sts-creds/sts-creds.json`.
|
|
<6> Specify the {aws-short} region name, for example, `us-east-1`.
|
|
<7> Defines whether a cluster is public or private.
|
|
<8> Specify the Amazon Resource Name (ARN), for example, `arn:aws:iam::820196288204:role/myrole`. For more information about ARN roles, see "Identity and Access Management (IAM) permissions".
|
|
+
|
|
The following API endpoints for the hosted cluster are accessible through a private DNS zone:
|
|
|
|
* `api.<hosted_cluster_name>.hypershift.local`
|
|
* `*.apps.<hosted_cluster_name>.hypershift.local`
|