openshift-docs/modules/installation-ibm-power-vs-config-yaml.adoc

// Module included in the following assemblies:
//
// * installing/installing_ibm_power/installing-ibm-power-vs-customizations.adoc
// * installing/installing_ibm_power/installing-ibm-power-vs-private-cluster.adoc
// * installing/installing_ibm_power/installing-restricted-networks-ibm-power-vs.adoc
// * installing/installing_ibm_power/installing-ibm-powervs-vpc.adoc

ifeval::["{context}" == "installing-ibm-power-vs-customizations"]
:ibm-power-vs:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"]
:private:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"]
:restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-powervs-vpc"]
:ibm-powervs-vpc:
endif::[]

:_mod-docs-content-type: REFERENCE
[id="installation-ibm-power-vs-config-yaml_{context}"]
= Sample customized install-config.yaml file for {ibm-power-server-title}

You can customize the `install-config.yaml` file to specify more details about your {product-title} cluster's platform or modify the values of the required parameters.

[IMPORTANT]
====
This sample YAML file is provided for reference only. You must obtain your `install-config.yaml` file by using the installation program and modify it.
====

ifdef::ibm-power-vs[]
[source,yaml]
----
apiVersion: v1
baseDomain: example.com
compute: <1> <2>
- architecture: ppc64le
  hyperthreading: Enabled <3>
  name: worker
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
controlPlane: <1> <2>
  architecture: ppc64le
  hyperthreading: Enabled <3>
  name: master
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
metadata:
  creationTimestamp: null
  name: example-cluster-name
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23
  machineNetwork:
  - cidr: 192.168.0.0/24
  networkType: OVNKubernetes <5>
  serviceNetwork:
  - 172.30.0.0/16
platform:
  powervs:
    userID: ibm-user-id
    region: powervs-region
    zone: powervs-zone
    powervsResourceGroup: "ibmcloud-resource-group" <6>
    serviceInstanceGUID: "powervs-region-service-instance-guid"
    vpcRegion : vpc-region
publish: External
pullSecret: '{"auths": ...}' <7>
sshKey: ssh-ed25519 AAAA... <8>
----
<1> If you do not provide these parameters and values, the installation program provides the default value.
<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Although both sections currently define a single machine pool, it is possible that {product-title} will support defining multiple compute pools during installation. Only one control plane pool is used.
<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines.
+
[IMPORTANT]
====
If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance.
====
//ifndef::openshift-origin[]
//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
//+
//[IMPORTANT]
//====
//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture.
//====
//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
//endif::openshift-origin[]
<4> The smtLevel specifies the level of SMT to set to the control plane and compute machines. The supported values are 1, 2, 4, 8, `'off'` and `'on'`. The default value is 8. The smtLevel `'off'` sets SMT to off and smtlevel `'on'` sets SMT to the default value 8 on the cluster nodes.
+
[NOTE]
====
When simultaneous multithreading (SMT), or hyperthreading is not enabled, one vCPU is equivalent to one physical core. When enabled, total vCPUs is computed as: (Thread(s) per core * Core(s) per socket) * Socket(s). The smtLevel controls the threads per core. Lower SMT levels may require additional assigned cores when deploying the cluster nodes. You can do this by setting the `'processors'` parameter in the `install-config.yaml` file to an appropriate value to meet the requirements for deploying {product-title} successfully.
====
<5> The cluster network plugin to install. The default value `OVNKubernetes` is the only supported value.
<6> The name of an existing resource group.
<7> Required. The installation program prompts you for this value.
ifdef::openshift-origin[]
<8> Optional. You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::openshift-origin[]
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
endif::ibm-power-vs[]

ifdef::private[]
[source,yaml]
----
apiVersion: v1
baseDomain: example.com
compute: <1> <2>
- architecture: ppc64le
  hyperthreading: Enabled <3>
  name: worker
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
controlPlane: <1> <2>
  architecture: ppc64le
  hyperthreading: Enabled <3>
  name: master
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
metadata:
  creationTimestamp: null
  name: example-private-cluster-name
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14 <5>
    hostPrefix: 23
  machineNetwork:
  - cidr: 192.168.0.0/24
  networkType: OVNKubernetes <6>
  serviceNetwork:
  - 172.30.0.0/16
platform:
  powervs:
    userID: ibm-user-id
    powervsResourceGroup: "ibmcloud-resource-group"
    region: powervs-region
    vpcName: name-of-existing-vpc <7>
    vpcRegion : vpc-region
    zone: powervs-zone
    serviceInstanceGUID: "powervs-region-service-instance-guid"
publish: Internal <8>
pullSecret: '{"auths": ...}' <9>
sshKey: ssh-ed25519 AAAA... <10>
----
<1> If you do not provide these parameters and values, the installation program provides the default value.
<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Both sections currently define a single machine pool. Only one control plane pool is used.
<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines.
<4> The smtLevel specifies the level of SMT to set to the control plane and compute machines. The supported values are 1, 2, 4, 8, `'off'` and `'on'`. The default value is 8. The smtLevel `'off'` sets SMT to off and smtlevel `'on'` sets SMT to the default value 8 on the cluster nodes.
+
[NOTE]
====
When simultaneous multithreading (SMT), or hyperthreading is not enabled, one vCPU is equivalent to one physical core. When enabled, total vCPUs is computed as (Thread(s) per core * Core(s) per socket) * Socket(s). The smtLevel controls the threads per core. Lower SMT levels may require additional assigned cores when deploying the cluster nodes. You can do this by setting the `'processors'` parameter in the `install-config.yaml` file to an appropriate value to meet the requirements for deploying {product-title} successfully.
====
<5> The machine CIDR must contain the subnets for the compute machines and control plane machines.
<6> The cluster network plugin to install. The default value `OVNKubernetes` is the only supported value.
<7> Specify the name of an existing VPC.
<8> Specify how to publish the user-facing endpoints of your cluster. Set publish to `Internal` to deploy a private cluster.
<9> Required. The installation program prompts you for this value.
<10> Provide the `sshKey` value that you use to access the machines in your cluster.
+
[IMPORTANT]
====
If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance.
====
//ifndef::openshift-origin[]
//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
//+
//[IMPORTANT]
//====
//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture.
//====
//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
//endif::openshift-origin[]

ifdef::openshift-origin[]
<5> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::openshift-origin[]
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
endif::private[]

ifdef::ibm-powervs-vpc[]
[source,yaml]
----
apiVersion: v1
baseDomain: example.com
compute: <1> <2>
- architecture: ppc64le
  hyperthreading: Enabled <3>
  name: worker
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
controlPlane: <1> <2>
  architecture: ppc64le
  hyperthreading: Enabled <3>
  name: master
  platform:
    powervs:
      smtLevel: 8 <4>
  replicas: 3
metadata:
  creationTimestamp: null
  name: example-cluster-existing-vpc
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14 <5>
    hostPrefix: 23
  machineNetwork:
  - cidr: 192.168.0.0/24
  networkType: OVNKubernetes <6>
  serviceNetwork:
  - 172.30.0.0/16
platform:
  powervs:
    userID: ibm-user-id
    powervsResourceGroup: "ibmcloud-resource-group"
    region: powervs-region
    vpcRegion : vpc-region
    vpcName: name-of-existing-vpc <7>
    zone: powervs-zone
    serviceInstanceGUID: "powervs-region-service-instance-guid"
credentialsMode: Manual
publish: External <8>
pullSecret: '{"auths": ...}' <9>
fips: false
sshKey: ssh-ed25519 AAAA... <10>
----
<1> If you do not provide these parameters and values, the installation program provides the default value.
<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Both sections currently define a single machine pool. Only one control plane pool is used.
<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines.
<4> The smtLevel specifies the level of SMT to set to the control plane and compute machines. The supported values are 1, 2, 4, 8, `'off'` and `'on'`. The default value is 8. The smtLevel `'off'` sets SMT to off and smtlevel `'on'` sets SMT to the default value 8 on the cluster nodes.
+
[NOTE]
====
When simultaneous multithreading (SMT), or hyperthreading is not enabled, one vCPU is equivalent to one physical core. When enabled, total vCPUs is computed as (Thread(s) per core * Core(s) per socket) * Socket(s). The smtLevel controls the threads per core. Lower SMT levels may require additional assigned cores when deploying the cluster nodes. You can do this by setting the `'processors'` parameter in the `install-config.yaml` file to an appropriate value to meet the requirements for deploying {product-title} successfully.
====
<5> The machine CIDR must contain the subnets for the compute machines and control plane machines.
<6> The cluster network plugin for installation. The supported value is `OVNKubernetes`.
<7> Specify the name of an existing VPC.
<8> Specify how to publish the user-facing endpoints of your cluster.
<9> Required. The installation program prompts you for this value.
<10> Provide the `sshKey` value that you use to access the machines in your cluster.
+
[IMPORTANT]
====
If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance.
====
//ifndef::openshift-origin[]
//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
//+
//[IMPORTANT]
//====
//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture.
//====
//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
//endif::openshift-origin[]

ifdef::openshift-origin[]
<5> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
endif::openshift-origin[]
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
endif::ibm-powervs-vpc[]

ifdef::restricted[]
[source,yaml]
----
apiVersion: v1
baseDomain: example.com <1>
controlPlane: <2> <3>
  hyperthreading: Enabled <4>
  name: master
  platform:
    powervs:
      smtLevel: 8 <5>
  replicas: 3
compute: <2> <3>
- hyperthreading: Enabled <4>
  name: worker
  platform:
    powervs:
      smtLevel: 8 <5>
    ibmcloud: {}
  replicas: 3
metadata:
  name: example-restricted-cluster-name <1>
networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14 <6>
    hostPrefix: 23
  machineNetwork:
  - cidr: 10.0.0.0/16 <7>
  networkType: OVNKubernetes <8>
  serviceNetwork:
  - 192.168.0.0/24
platform:
  powervs:
    userid: ibm-user-id
    powervsResourceGroup: "ibmcloud-resource-group" <9>
    region: "powervs-region"
    vpcRegion: "vpc-region"
    vpcName: name-of-existing-vpc <10>
    zone: "powervs-zone"
    serviceInstanceID: "service-instance-id"
publish: Internal
credentialsMode: Manual
pullSecret: '{"auths":{"<local_registry>": {"auth": "<credentials>","email": "you@example.com"}}}' <11>
sshKey: ssh-ed25519 AAAA... <12>
additionalTrustBundle: | <13>
    -----BEGIN CERTIFICATE-----
    <MY_TRUSTED_CA_CERT>
    -----END CERTIFICATE-----
imageContentSources: <14>
- mirrors:
  - <local_registry>/<local_repository_name>/release
  source: quay.io/openshift-release-dev/ocp-release
- mirrors:
  - <local_registry>/<local_repository_name>/release
  source: quay.io/openshift-release-dev/ocp-v4.0-art-dev
----
<1> Required.
<2> If you do not provide these parameters and values, the installation program provides the default value.
<3> The `controlPlane` section is a single mapping, but the `compute` section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Only one control plane pool is used.
<4> Enables or disables simultaneous multithreading, also known as Hyper-Threading. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines.
+
[IMPORTANT]
====
If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. Use larger machine types, such as `n1-standard-8`, for your machines if you disable simultaneous multithreading.
====
<5> The smtLevel specifies the level of SMT to set to the control plane and compute machines. The supported values are 1, 2, 4, 8, `'off'` and `'on'`. The default value is 8. The smtLevel `'off'` sets SMT to off and smtlevel `'on'` sets SMT to the default value 8 on the cluster nodes.
+
[NOTE]
====
When simultaneous multithreading (SMT), or hyperthreading is not enabled, one vCPU is equivalent to one physical core. When enabled, total vCPUs is computed as (Thread(s) per core * Core(s) per socket) * Socket(s). The smtLevel controls the threads per core. Lower SMT levels may require additional assigned cores when deploying the cluster nodes. You can do this by setting the `'processors'` parameter in the `install-config.yaml` file to an appropriate value to meet the requirements for deploying {product-title} successfully.
====
<6> The machine CIDR must contain the subnets for the compute machines and control plane machines.
<7> The CIDR must contain the subnets defined in `platform.ibmcloud.controlPlaneSubnets` and `platform.ibmcloud.computeSubnets`.
<8> The cluster network plugin to install. The default value `OVNKubernetes` is the only supported value.
<9> The name of an existing resource group. The existing VPC and subnets should be in this resource group. The cluster is deployed to this resource group.
<10> Specify the name of an existing VPC.
<11> For `<local_registry>`, specify the registry domain name, and optionally the port, that your mirror registry uses to serve content. For example, registry.example.com or registry.example.com:5000. For `<credentials>`, specify the base64-encoded user name and password for your mirror registry.
<12> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
<13> Provide the contents of the certificate file that you used for your mirror registry.
<14> Provide the `imageContentSources` section from the output of the command to mirror the repository.
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
endif::restricted[]

ifeval::["{context}" == "installing-ibm-power-vs-customizations"]
:!ibm-power-vs:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"]
:!private:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"]
:!restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-powervs-vpc"]
:!ibm-powervs-vpc:
endif::[]