mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
158 lines
6.2 KiB
Plaintext
158 lines
6.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing_aws/installing-aws-localzone.adoc
|
|
// * installing/installing_aws/installing-aws-wavelength-zone.adoc
|
|
// * installing/installing_aws/installing-aws-user-infra.adoc
|
|
// * installing/installing_aws/installing-restricted-networks-aws.adoc
|
|
|
|
ifeval::["{context}" == "installing-aws-user-infra"]
|
|
:three-node-cluster:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-restricted-networks-aws"]
|
|
:restricted:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-aws-local-zone"]
|
|
:local-zone:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-aws-wavelength-zone"]
|
|
:wavelength-zone:
|
|
endif::[]
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="installation-generate-aws-user-infra-install-config_{context}"]
|
|
= Creating the installation configuration file
|
|
|
|
Generate and customize the installation configuration file that the
|
|
installation program needs to deploy your cluster.
|
|
|
|
.Prerequisites
|
|
|
|
* You obtained the {product-title} installation program
|
|
ifndef::localzone,wavelength-zone[]
|
|
for user-provisioned infrastructure
|
|
endif::localzone,wavelength-zone[]
|
|
and the pull secret for your cluster.
|
|
ifdef::restricted[]
|
|
For a restricted network installation, these files are on your mirror host.
|
|
endif::restricted[]
|
|
* You checked that you are deploying your cluster to an AWS Region with an accompanying {op-system-first} AMI published by Red Hat. If you are deploying to an AWS Region that requires a custom AMI, such as an AWS GovCloud Region, you must create the `install-config.yaml` file manually.
|
|
|
|
.Procedure
|
|
|
|
. Create the `install-config.yaml` file.
|
|
.. Change to the directory that contains the installation program and run the following command:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ ./openshift-install create install-config --dir <installation_directory> <1>
|
|
----
|
|
<1> For `<installation_directory>`, specify the directory name to store the
|
|
files that the installation program creates.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
Specify an empty directory. Some installation assets, like bootstrap X.509
|
|
certificates have short expiration intervals, so you must not reuse an
|
|
installation directory. If you want to reuse individual files from another
|
|
cluster installation, you can copy them into your directory. However, the file
|
|
names for the installation assets might change between releases. Use caution
|
|
when copying installation files from an earlier {product-title} version.
|
|
====
|
|
.. At the prompts, provide the configuration details for your cloud:
|
|
... Optional: Select an SSH key to use to access your cluster machines.
|
|
+
|
|
[NOTE]
|
|
====
|
|
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
|
|
====
|
|
... Select *aws* as the platform to target.
|
|
... If you do not have an AWS profile stored on your computer, enter the AWS
|
|
access key ID and secret access key for the user that you configured to run the
|
|
installation program.
|
|
+
|
|
[NOTE]
|
|
====
|
|
The AWS access key ID and secret access key are stored in `~/.aws/credentials` in the home directory of the current user on the installation host. You are prompted for the credentials by the installation program if the credentials for the exported profile are not present in the file. Any credentials that you provide to the installation program are stored in the file.
|
|
====
|
|
... Select the AWS Region to deploy the cluster to.
|
|
... Select the base domain for the Route 53 service that you configured for your cluster.
|
|
... Enter a descriptive name for your cluster.
|
|
... Paste the {cluster-manager-url-pull}.
|
|
ifdef::openshift-origin[]
|
|
This field is optional.
|
|
endif::[]
|
|
|
|
ifdef::restricted[]
|
|
. Edit the `install-config.yaml` file to give the additional information that
|
|
is required for an installation in a restricted network.
|
|
.. Update the `pullSecret` value to contain the authentication information for
|
|
your registry:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
pullSecret: '{"auths":{"<local_registry>": {"auth": "<credentials>","email": "you@example.com"}}}'
|
|
----
|
|
+
|
|
For `<local_registry>`, specify the registry domain name, and optionally the
|
|
port, that your mirror registry uses to serve content. For example
|
|
`registry.example.com` or `registry.example.com:5000`. For `<credentials>`,
|
|
specify the base64-encoded user name and password for your mirror registry.
|
|
.. Add the `additionalTrustBundle` parameter and value. The value must be the contents of the certificate file that you used for your mirror registry. The certificate file can be an existing, trusted certificate authority or the self-signed certificate that you generated for the mirror registry.
|
|
+
|
|
[source,yaml]
|
|
----
|
|
additionalTrustBundle: |
|
|
-----BEGIN CERTIFICATE-----
|
|
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
|
|
-----END CERTIFICATE-----
|
|
----
|
|
.. Add the image content resources:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
imageContentSources:
|
|
- mirrors:
|
|
- <local_registry>/<local_repository_name>/release
|
|
source: quay.io/openshift-release-dev/ocp-release
|
|
- mirrors:
|
|
- <local_registry>/<local_repository_name>/release
|
|
source: quay.io/openshift-release-dev/ocp-v4.0-art-dev
|
|
----
|
|
+
|
|
Use the `imageContentSources` section from the output of the command to mirror the repository or the values that you used when you mirrored the content from the media that you brought into your restricted network.
|
|
|
|
.. Optional: Set the publishing strategy to `Internal`:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
publish: Internal
|
|
----
|
|
+
|
|
By setting this option, you create an internal Ingress Controller and a private load balancer.
|
|
endif::restricted[]
|
|
|
|
ifdef::three-node-cluster[]
|
|
. If you are installing a three-node cluster, modify the `install-config.yaml` file by setting the `compute.replicas` parameter to `0`. This ensures that the cluster's control planes are schedulable. For more information, see "Installing a three-node cluster on AWS".
|
|
endif::three-node-cluster[]
|
|
|
|
. Optional: Back up the `install-config.yaml` file.
|
|
+
|
|
[IMPORTANT]
|
|
====
|
|
The `install-config.yaml` file is consumed during the installation process. If
|
|
you want to reuse the file, you must back it up now.
|
|
====
|
|
|
|
ifeval::["{context}" == "installing-aws-user-infra"]
|
|
:!three-node-cluster:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-restricted-networks-aws"]
|
|
:!restricted:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-aws-local-zone"]
|
|
:!local-zone:
|
|
endif::[]
|
|
ifeval::["{context}" == "installing-aws-wavelength-zone"]
|
|
:wavelength-zone:
|
|
endif::[]
|