mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
109 lines
5.2 KiB
Plaintext
109 lines
5.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing-aws-wavelength-zone.adoc (Installing a cluster on AWS with compute nodes on AWS Wavelength Zones)
|
|
// * installing/installing_aws/aws-compute-edge-zone-tasks.adoc
|
|
|
|
ifeval::["{context}" == "installing-aws-wavelength-zone"]
|
|
:wavelength-zone:
|
|
endif::[]
|
|
ifeval::["{context}" == "aws-compute-edge-zone-tasks"]
|
|
:post-aws-zones:
|
|
endif::[]
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="installation-creating-aws-vpc-carrier-gw_{context}"]
|
|
ifdef::wavelength-zone[]
|
|
= Creating a VPC carrier gateway
|
|
|
|
endif::wavelength-zone[]
|
|
ifdef::post-aws-zones[]
|
|
= Wavelength Zones only: Creating a VPC carrier gateway
|
|
|
|
endif::post-aws-zones[]
|
|
|
|
To use public subnets in your {product-title} cluster that runs on Wavelength Zones, you must create the carrier gateway and associate the carrier gateway to the VPC. Subnets are useful for deploying load balancers or edge compute nodes.
|
|
|
|
To create edge nodes or internet-facing load balancers in Wavelength Zones locations for your {product-title} cluster, you must create the following required network components:
|
|
|
|
* A carrier gateway that associates to the existing VPC.
|
|
* A carrier route table that lists route entries.
|
|
* A subnet that associates to the carrier route table.
|
|
|
|
Carrier gateways exist for VPCs that only contain subnets in a Wavelength Zone.
|
|
|
|
The following list explains the functions of a carrier gateway in the context of an AWS Wavelength Zones location:
|
|
|
|
* Provides connectivity between your Wavelength Zone and the carrier network, which includes any available devices from the carrier network.
|
|
* Performs Network Address Translation (NAT) functions, such as translating IP addresses that are public IP addresses stored in a network border group, from Wavelength Zones to carrier IP addresses. These translation functions apply to inbound and outbound traffic.
|
|
* Authorizes inbound traffic from a carrier network that is located in a specific location.
|
|
* Authorizes outbound traffic to a carrier network and the internet.
|
|
|
|
[NOTE]
|
|
====
|
|
No inbound connection configuration exists from the internet to a Wavelength Zone through the carrier gateway.
|
|
====
|
|
|
|
You can use the provided CloudFormation template to create a stack of the following AWS resources:
|
|
|
|
* One carrier gateway that associates to the VPC ID in the template.
|
|
* One public route table for the Wavelength Zone named as `<ClusterName>-public-carrier`.
|
|
* Default IPv4 route entry in the new route table that targets the carrier gateway.
|
|
* VPC gateway endpoint for an AWS Simple Storage Service (S3).
|
|
|
|
[NOTE]
|
|
====
|
|
If you do not use the provided CloudFormation template to create your AWS infrastructure, you must review the provided information and manually create the infrastructure. If your cluster does not initialize correctly, you might have to contact Red Hat support with your installation logs.
|
|
====
|
|
|
|
.Prerequisites
|
|
|
|
* You configured an AWS account.
|
|
* You added your AWS keys and region to your local AWS profile by running `aws configure`.
|
|
|
|
.Procedure
|
|
|
|
. Go to the next section of the documentation named "CloudFormation template for the VPC Carrier Gateway", and then copy the syntax from the *CloudFormation template for VPC Carrier Gateway* template. Save the copied template syntax as a YAML file on your local system. This template describes the VPC that your cluster requires.
|
|
|
|
. Run the following command to deploy the CloudFormation template, which creates a stack of AWS resources that represent the VPC:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws cloudformation create-stack --stack-name <stack_name> \// <1>
|
|
--region ${CLUSTER_REGION} \
|
|
--template-body file://<template>.yaml \// <2>
|
|
--parameters \//
|
|
ParameterKey=VpcId,ParameterValue="${VpcId}" \// <3>
|
|
ParameterKey=ClusterName,ParameterValue="${ClusterName}" <4>
|
|
----
|
|
<1> `<stack_name>` is the name for the CloudFormation stack, such as `clusterName-vpc-carrier-gw`. You need the name of this stack if you remove the cluster.
|
|
<2> `<template>` is the relative path and the name of the CloudFormation template YAML file that you saved.
|
|
<3> `<VpcId>` is the VPC ID extracted from the CloudFormation stack output created in the section named "Creating a VPC in AWS".
|
|
<4> `<ClusterName>` is a custom value that prefixes to resources that the CloudFormation stack creates. You can use the same name that is defined in the `metadata.name` section of the `install-config.yaml` configuration file.
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
arn:aws:cloudformation:us-east-1:123456789012:stack/<stack_name>/dbedae40-2fd3-11eb-820e-12a48460849f
|
|
----
|
|
|
|
.Verification
|
|
|
|
* Confirm that the CloudFormation template components exist by running the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ aws cloudformation describe-stacks --stack-name <stack_name>
|
|
----
|
|
+
|
|
After the `StackStatus` displays `CREATE_COMPLETE`, the output displays values for the following parameter. Ensure that you provide the parameter value to the other CloudFormation templates that you run to create for your cluster.
|
|
+
|
|
[horizontal]
|
|
`PublicRouteTableId`:: The ID of the Route Table in the Carrier infrastructure.
|
|
|
|
ifeval::["{context}" == "installing-aws-wavelength-zone"]
|
|
:!wavelength-zone:
|
|
endif::[]
|
|
ifeval::["{context}" == "aws-compute-edge-zone-tasks"]
|
|
:!post-aws-zones:
|
|
endif::[]
|