openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/modules/installation-bare-metal-agent-installer-config-yaml.adoc
Sebastian Kopacz a7baa0cd30 OSDOCS-12846: custom manifest clarification
2025-03-18 19:44:16 +00:00

111 lines
5.2 KiB
Plaintext
Raw Permalink Blame History

// Module included in the following assemblies:
// * installing/installing_with_agent_based_installer/preparing-to-install-with-agent-based-installer.adoc
// Re-used content from Sample install-config.yaml file for bare metal without conditionals
:_mod-docs-content-type: CONCEPT
[id="installation-bare-metal-agent-installer-config-yaml_{context}"]
= Sample install-config.yaml file for bare metal
You can customize the `install-config.yaml` file to specify more details about your {product-title} cluster's platform or modify the values of the required parameters.
[source,yaml]
----
apiVersion: v1
baseDomain: example.com <1>
compute: <2>
- name: worker
replicas: 0 <3>
architecture: amd64
controlPlane: <2>
name: master
replicas: 1 <4>
architecture: amd64
metadata:
name: sno-cluster <5>
networking:
clusterNetwork:
- cidr: 10.128.0.0/14 <6>
hostPrefix: 23 <7>
networkType: OVNKubernetes <8>
serviceNetwork: <9>
- 172.30.0.0/16
platform:
none: {} <10>
fips: false <11>
pullSecret: '{"auths": ...}' <12>
sshKey: 'ssh-ed25519 AAAA...' <13>
----
<1> The base domain of the cluster. All DNS records must be sub-domains of this base and include the cluster name.
<2> The `controlPlane` section is a single mapping, but the `compute` section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Only one control plane pool is used.
<3> This parameter controls the number of compute machines that the Agent-based installation waits to discover before triggering the installation process. It is the number of compute machines that must be booted with the generated ISO.
+
[NOTE]
====
If you are installing a three-node cluster, do not deploy any compute machines when you install the {op-system-first} machines.
====
+
<4> The number of control plane machines that you add to the cluster. Because the cluster uses these values as the number of etcd endpoints in the cluster, the value must match the number of control plane machines that you deploy.
<5> The cluster name that you specified in your DNS records.
<6> A block of IP addresses from which pod IP addresses are allocated. This block must not overlap with existing physical networks. These IP addresses are used for the pod network. If you need to access the pods from an external network, you must configure load balancers and routers to manage the traffic.
+
[NOTE]
====
Class E CIDR range is reserved for a future use. To use the Class E CIDR range, you must ensure your networking environment accepts the IP addresses within the Class E CIDR range.
====
+
<7> The subnet prefix length to assign to each individual node. For example, if `hostPrefix` is set to `23`, then each node is assigned a `/23` subnet out of the given `cidr`, which allows for 510 (2^(32 - 23) - 2) pod IP addresses. If you are required to provide access to nodes from an external network, configure load balancers and routers to manage the traffic.
<8> The cluster network plugin to install. The default value `OVNKubernetes` is the only supported value.
<9> The IP address pool to use for service IP addresses. You can enter only one IP address pool. This block must not overlap with existing physical networks. If you need to access the services from an external network, configure load balancers and routers to manage the traffic.
<10> You must set the platform to `none` for a single-node cluster. You can set the platform to `vsphere`, `baremetal`, or `none` for multi-node clusters.
+
[NOTE]
====
If you set the platform to `vsphere` or `baremetal`, you can configure IP address endpoints for cluster nodes in three ways:
* IPv4
* IPv6
* IPv4 and IPv6 in parallel (dual-stack)
.Example of dual-stack networking
[source,yaml]
----
networking:
clusterNetwork:
- cidr: 172.21.0.0/16
hostPrefix: 23
- cidr: fd02::/48
hostPrefix: 64
machineNetwork:
- cidr: 192.168.11.0/16
- cidr: 2001:DB8::/32
serviceNetwork:
- 172.22.0.0/16
- fd03::/112
networkType: OVNKubernetes
platform:
baremetal:
apiVIPs:
- 192.168.11.3
- 2001:DB8::4
ingressVIPs:
- 192.168.11.4
- 2001:DB8::5
----
====
<11> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
+
[IMPORTANT]
====
When running {op-system-base-full} or {op-system-first} booted in FIPS mode, {product-title} core components use the {op-system-base} cryptographic libraries that have been submitted to NIST for FIPS 140-2/140-3 Validation on only the x86_64, ppc64le, and s390x architectures.
====
<12> This pull secret allows you to authenticate with the services that are provided by the included authorities, including Quay.io, which serves the container images for {product-title} components.
<13> The SSH public key for the `core` user in {op-system-first}.
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
View Git Blame Copy Permalink