openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
2076e9d7b1d398212f4c21f28f67c6be0787af21
openshift-docs/modules/installation-initializing.adoc
Brendan Daly 378b77838f OSDOCS-12577:removing duplicate prereqs
2025-01-15 12:26:02 +00:00

778 lines
32 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * installing/installing_aws/installing-alibaba-default.adoc
// * installing/installing_aws/installing-alibaba-customizations.adoc
// * installing/installing_alibaba/installing-alibaba-network-customizations.adoc
// * installing/installing_aws/installing-alibaba-vpc.adoc
// * installing/installing_aws/installing-aws-customizations.adoc
// * installing/installing_aws/installing-aws-network-customizations.adoc
// * installing/installing_aws/installing-aws-vpc.adoc
// * installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.adoc
// * installing/installing_aws/installing-aws-outposts-remote-workers.adoc
// * installing/installing_azure/installing-azure-customizations.adoc
// * installing/installing_azure/installing-azure-network-customizations
// * installing/installing_azure/installing-azure-vnet.adoc
// * installing/installing_azure/installing-azure-user-infra.adoc
// * installing/installing_gcp/installing-gcp-customizations.adoc
// * installing/installing_gcp/installing-gcp-network-customizations.adoc
// * installing/installing_gcp/installing-gcp-vpc.adoc
// * installing/installing_gcp/installing-gcp-shared-vpc.adoc
// * installing/installing_gcp/installing-gcp-user-infra.adoc
// * installing/installing_gcp/installing-restricted-networks-gcp.adoc
// * installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc
// * installing/installing_ibm_cloud_public/installing-ibm-cloud-customizations.adoc
// * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc
// * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc
// * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc
// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc
// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc
// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc
// * installing/installing_openstack/installing-openstack-installer-custom.adoc
// * installing/installing_openstack/installing-openstack-installer-kuryr.adoc
// * installing/installing_openstack/installing-openstack-installer-restricted.adoc
// * installing/installing_openstack/installing-openstack-user-kuryr.adoc
// * installing/installing_openstack/installing-openstack-user.adoc
// * installing/installing_vmc/installing-vmc-customizations.adoc
// * installing/installing_vmc/installing-vmc-network-customizations.adoc
// * installing/installing_vmc/installing-restricted-networks-vmc.adoc
// * installing/installing_vsphere/installing-vsphere-installer-provisioned-customizations.adoc
// * installing/installing_vsphere/installing-vsphere-installer-provisioned-network-customizations.adoc
// * installing/installing_vsphere/installing-restricted-networks-installer-provisioned-vsphere.adoc
// * installing/installing_nutanix/configuring-iam-nutanix.adoc
// * installing/installing-restricted-networks-nutanix-installer-provisioned.adoc
// * installing/installing_azure/installing-restricted-networks-azure-user-provisioned.adoc
// * installing/installing_gcp/installing-openstack-installer-restricted.adoc
// Consider also adding the installation-configuration-parameters.adoc module.
//YOU MUST SET AN IFEVAL FOR EACH NEW MODULE
ifeval::["{context}" == "installing-alibaba-default"]
:alibabacloud-default:
endif::[]
ifeval::["{context}" == "installing-alibaba-customizations"]
:alibabacloud-custom:
endif::[]
ifeval::["{context}" == "installing-alibaba-vpc"]
:alibabacloud-vpc:
endif::[]
ifeval::["{context}" == "installing-aws-customizations"]
:aws:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-aws-network-customizations"]
:aws:
endif::[]
ifeval::["{context}" == "installing-aws-vpc"]
:aws:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-aws-installer-provisioned"]
:aws:
:restricted:
endif::[]
ifeval::["{context}" == "installing-aws-outposts-remote-workers"]
:aws:
:aws-outposts:
endif::[]
ifeval::["{context}" == "installing-azure-customizations"]
:azure:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-azure-network-customizations"]
:azure:
endif::[]
ifeval::["{context}" == "installing-azure-vnet"]
:azure:
endif::[]
ifeval::["{context}" == "installing-azure-user-infra"]
:azure:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-customizations"]
:gcp:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-shared-vpc"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-user-infra"]
:gcp:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-user-infra-vpc"]
:gcp:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-gcp"]
:gcp:
:restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-gcp-installer-provisioned"]
:gcp:
:restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-customizations"]
:ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-customizations"]
:ibm-power-vs:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"]
:ibm-power-vs:
:restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-network-customizations"]
:ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-vpc"]
:ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-private"]
:ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-custom"]
:osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-kuryr"]
:osp:
endif::[]
ifeval::["{context}" == "installing-openstack-user"]
:osp:
:osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-kuryr"]
:osp:
:osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-sr-iov"]
:osp:
:osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-sr-iov-kuryr"]
:osp:
:osp-user:
endif::[]
ifeval::["{context}" == "installing-vsphere-installer-provisioned-customizations"]
:vsphere:
:three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-vsphere-installer-provisioned-network-customizations"]
:vsphere:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-restricted"]
:osp:
:restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-installer-provisioned-vsphere"]
:vsphere:
:restricted:
endif::[]
ifeval::["{context}" == "installing-nutanix-installer-provisioned"]
:nutanix:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-nutanix-installer-provisioned"]
:nutanix:
:restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-azure-installer-provisioned"]
:azure:
:restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-azure-user-provisioned"]
:azure:
:restricted:
endif::[]
:_mod-docs-content-type: PROCEDURE
[id="installation-initializing_{context}"]
= Creating the installation configuration file
You can customize the {product-title} cluster you install on
ifdef::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
Alibaba Cloud.
endif::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
ifdef::aws[]
Amazon Web Services (AWS).
endif::aws[]
ifdef::azure[]
Microsoft Azure.
endif::azure[]
ifdef::gcp[]
Google Cloud Platform (GCP).
endif::gcp[]
ifdef::ibm-cloud[]
{ibm-cloud-name}.
endif::ibm-cloud[]
ifdef::osp[]
{rh-openstack-first}.
endif::osp[]
ifdef::vsphere[]
VMware vSphere.
endif::vsphere[]
ifdef::nutanix[]
Nutanix.
endif::nutanix[]
.Prerequisites
* You have the {product-title} installation program and the pull secret for your cluster.
ifdef::restricted[]
For a restricted network installation, these files are on your mirror host.
ifndef::nutanix[]
* You have the `imageContentSources` values that were generated during mirror registry creation.
endif::nutanix[]
ifdef::nutanix+restricted[]
* You have the `imageContentSourcePolicy.yaml` file that was created when you mirrored your registry.
* You have the location of the {op-system-first} image you download.
endif::nutanix+restricted[]
* You have obtained the contents of the certificate for your mirror registry.
ifndef::aws,gcp[]
* You have retrieved a {op-system-first} image and uploaded it to an accessible location.
endif::aws,gcp[]
endif::restricted[]
ifdef::azure[]
* You have an Azure subscription ID and tenant ID.
* If you are installing the cluster using a service principal, you have its application ID and password.
* If you are installing the cluster using a system-assigned managed identity, you have enabled it on the virtual machine that you will run the installation program from.
* If you are installing the cluster using a user-assigned managed identity, you have met these prerequisites:
** You have its client ID.
** You have assigned it to the virtual machine that you will run the installation program from.
endif::azure[]
ifdef::nutanix[]
* You have verified that you have met the Nutanix networking requirements. For more information, see "Preparing to install on Nutanix".
endif::nutanix[]
ifdef::gcp[]
* Configure a {gcp-short} account.
endif::gcp[]
.Procedure
ifdef::azure[]
. Optional: If you have run the installation program on this computer before, and want to use an alternative service principal or managed identity, go to the `~/.azure/` directory and delete the `osServicePrincipal.json` configuration file.
+
Deleting this file prevents the installation program from automatically reusing subscription and authentication values from a previous installation.
endif::azure[]
. Create the `install-config.yaml` file.
+
.. Change to the directory that contains the installation program and run the following command:
+
[source,terminal]
----
$ ./openshift-install create install-config --dir <installation_directory> <1>
----
<1> For `<installation_directory>`, specify the directory name to store the
files that the installation program creates.
+
When specifying the directory:
* Verify that the directory has the `execute` permission. This permission is required to run Terraform binaries under the installation directory.
* Use an empty directory. Some installation assets, such as bootstrap X.509 certificates, have short expiration intervals, therefore you must not reuse an installation directory. If you want to reuse individual files from another cluster installation, you can copy them into your directory. However, the file names for the installation assets might change between releases. Use caution when copying installation files from an earlier {product-title} version.
+
[NOTE]
=====
Always delete the `~/.powervs` directory to avoid reusing a stale configuration. Run the following command:
[source,terminal]
----
$ rm -rf ~/.powervs
----
=====
.. At the prompts, provide the configuration details for your cloud:
... Optional: Select an SSH key to use to access your cluster machines.
+
[NOTE]
====
For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses.
====
ifdef::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
... Select *alibabacloud* as the platform to target.
... Select the region to deploy the cluster to.
... Select the base domain to deploy the cluster to. The base domain corresponds to the public DNS zone that you created for your cluster.
... Provide a descriptive name for your cluster.
endif::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
ifdef::aws[]
... Select *AWS* as the platform to target.
... If you do not have an Amazon Web Services (AWS) profile stored on your computer, enter the AWS
access key ID and secret access key for the user that you configured to run the
installation program.
... Select the AWS region to deploy the cluster to.
... Select the base domain for the Route 53 service that you configured for your cluster.
endif::aws[]
ifdef::azure[]
... Select *azure* as the platform to target.
+
If the installation program cannot locate the `osServicePrincipal.json` configuration file from a previous installation, you are prompted for Azure subscription and authentication values.
... Enter the following Azure parameter values for your subscription:
**** *azure subscription id*: Enter the subscription ID to use for the cluster.
**** *azure tenant id*: Enter the tenant ID.
... Depending on the Azure identity you are using to deploy the cluster, do one of the following when prompted for the *azure service principal client id*:
**** If you are using a service principal, enter its application ID.
**** If you are using a system-assigned managed identity, leave this value blank.
**** If you are using a user-assigned managed identity, specify its client ID.
... Depending on the Azure identity you are using to deploy the cluster, do one of the following when prompted for the *azure service principal client secret*:
**** If you are using a service principal, enter its password.
**** If you are using a system-assigned managed identity, leave this value blank.
**** If you are using a user-assigned managed identity, leave this value blank.
... Select the region to deploy the cluster to.
... Select the base domain to deploy the cluster to. The base domain corresponds
to the Azure DNS Zone that you created for your cluster.
endif::azure[]
ifdef::gcp[]
... Select *gcp* as the platform to target.
... If you have not configured the service account key for your GCP account on
your computer, you must obtain it from GCP and paste the contents of the file
or enter the absolute path to the file.
... Select the project ID to provision the cluster in. The default value is
specified by the service account that you configured.
... Select the region to deploy the cluster to.
... Select the base domain to deploy the cluster to. The base domain corresponds
to the public DNS zone that you created for your cluster.
endif::gcp[]
ifdef::ibm-cloud[]
... Select *ibmcloud* as the platform to target.
... Select the region to deploy the cluster to.
... Select the base domain to deploy the cluster to. The base domain corresponds
to the public DNS zone that you created for your cluster.
endif::ibm-cloud[]
ifdef::ibm-power-vs[]
... Select *powervs* as the platform to target.
... Select the region to deploy the cluster to.
... Select the zone to deploy the cluster to.
... Select the base domain to deploy the cluster to. The base domain corresponds
to the public DNS zone that you created for your cluster.
endif::ibm-power-vs[]
ifdef::osp[]
... Select *openstack* as the platform to target.
... Specify the {rh-openstack-first} external network name to use for installing the cluster.
... Specify the floating IP address to use for external access to the OpenShift API.
... Specify a {rh-openstack} flavor with at least 16 GB RAM to use for control plane nodes
and 8 GB RAM for compute nodes.
... Select the base domain to deploy the cluster to. All DNS records will be
sub-domains of this base and will also include the cluster name.
endif::osp[]
ifdef::vsphere[]
... Select *vsphere* as the platform to target.
... Specify the name of your vCenter instance.
... Specify the user name and password for the vCenter account that has the required permissions to create the cluster.
+
The installation program connects to your vCenter instance.
... Select the data center in your vCenter instance to connect to.
+
[NOTE]
====
After you create the installation configuration file, you can modify the file to create a multiple vSphere datacenters environment. This means that you can deploy an {product-title} cluster to multiple vSphere datacenters that run in a single VMware vCenter. For more information about creating this environment, see the section named _VMware vSphere region and zone enablement_.
====
... Select the default vCenter datastore to use.
+
[WARNING]
====
You can specify the path of any datastore that exists in a datastore cluster. By default, Storage Distributed Resource Scheduler (SDRS), which uses Storage vMotion, is automatically enabled for a datastore cluster. Red Hat does not support Storage vMotion, so you must disable Storage DRS to avoid data loss issues for your {product-title} cluster.
You cannot specify more than one datastore path. If you must specify VMs across multiple datastores, use a `datastore` object to specify a failure domain in your cluster's `install-config.yaml` configuration file. For more information, see "VMware vSphere region and zone enablement".
====
... Select the vCenter cluster to install the {product-title} cluster in. The installation program uses the root resource pool of the vSphere cluster as the default resource pool.
... Select the network in the vCenter instance that contains the virtual IP addresses and DNS records that you configured.
... Enter the virtual IP address that you configured for control plane API access.
... Enter the virtual IP address that you configured for cluster ingress.
... Enter the base domain. This base domain must be the same one that you used in the DNS records that you configured.
endif::vsphere[]
ifdef::nutanix[]
... Select *nutanix* as the platform to target.
... Enter the Prism Central domain name or IP address.
... Enter the port that is used to log into Prism Central.
... Enter the credentials that are used to log into Prism Central.
+
The installation program connects to Prism Central.
... Select the Prism Element that will manage the {product-title} cluster.
... Select the network subnet to use.
... Enter the virtual IP address that you configured for control plane API access.
... Enter the virtual IP address that you configured for cluster ingress.
... Enter the base domain. This base domain must be the same one that you configured in the DNS records.
endif::nutanix[]
ifndef::osp[]
ifndef::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
... Enter a descriptive name for your cluster.
ifdef::azure[]
+
[IMPORTANT]
====
All Azure resources that are available through public endpoints are subject to resource name restrictions, and you cannot create resources that use certain terms. For a list of terms that Azure restricts, see link:https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-reserved-resource-name[Resolve reserved resource name errors] in the Azure documentation.
====
endif::azure[]
+
ifdef::azure+restricted[]
... Paste the {cluster-manager-url-pull}.
endif::azure+restricted[]
ifdef::vsphere,nutanix[]
The cluster name you enter must match the cluster name you specified when configuring the DNS records.
endif::vsphere,nutanix[]
endif::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
endif::osp[]
ifdef::osp[]
... Enter a name for your cluster. The name must be 14 or fewer characters long.
endif::osp[]
ifdef::aws-outposts[]
. Modify the `install-config.yaml` file. The AWS Outposts installation has the following limitations which require manual modification of the `install-config.yaml` file:
* Unlike AWS Regions, which offer near-infinite scale, AWS Outposts are limited by their provisioned capacity, EC2 family and generations, configured instance sizes, and availability of compute capacity that is not already consumed by other workloads. Therefore, when creating new {product-title} cluster, you need to provide the supported instance type in the `compute.platform.aws.type` section in the configuration file.
* When deploying {product-title} cluster with remote workers running in AWS Outposts, only one Availability Zone can be used for the compute instances - the Availability Zone in which the Outpost instance was created in. Therefore, when creating new {product-title} cluster, it recommended to provide the relevant Availability Zone in the `compute.platform.aws.zones` section in the configuration file, in order to limit the compute instances to this Availability Zone.
* Amazon Elastic Block Store (EBS) gp3 volumes aren't supported by the AWS Outposts service. This volume type is the default type used by the {product-title} cluster. Therefore, when creating new {product-title} cluster, you must change the volume type in the `compute.platform.aws.rootVolume.type` section to gp2.
You will find more information about how to change these values below.
endif::aws-outposts[]
ifndef::restricted,alibabacloud-default,alibabacloud-custom,alibabacloud-vpc,nutanix,aws-outposts[]
. Modify the `install-config.yaml` file. You can find more information about the available parameters in the "Installation configuration parameters" section.
endif::restricted,alibabacloud-default,alibabacloud-custom,alibabacloud-vpc,nutanix,aws-outposts[]
ifdef::three-node-cluster[]
+
[NOTE]
====
If you are installing a three-node cluster, be sure to set the `compute.replicas` parameter to `0`. This ensures that the cluster's control planes are schedulable. For more information, see "Installing a three-node cluster on {platform}".
====
endif::three-node-cluster[]
ifdef::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
. Installing the cluster into Alibaba Cloud requires that the Cloud Credential Operator (CCO) operate in manual mode. Modify the `install-config.yaml` file to set the `credentialsMode` parameter to `Manual`:
+
.Example install-config.yaml configuration file with `credentialsMode` set to `Manual`
[source,yaml]
----
apiVersion: v1
baseDomain: cluster1.example.com
credentialsMode: Manual <1>
compute:
- architecture: amd64
hyperthreading: Enabled
...
----
<1> Add this line to set the `credentialsMode` to `Manual`.
endif::alibabacloud-default,alibabacloud-custom,alibabacloud-vpc[]
ifdef::alibabacloud-custom,alibabacloud-vpc[]
. Modify the `install-config.yaml` file. You can find more information about the available parameters in the "Installation configuration parameters" section.
endif::alibabacloud-custom,alibabacloud-vpc[]
ifdef::osp+restricted[]
. In the `install-config.yaml` file, set the value of `platform.openstack.clusterOSImage` to the image location or name. For example:
+
[source,yaml]
----
platform:
openstack:
clusterOSImage: http://mirror.example.com/images/rhcos-43.81.201912131630.0-openstack.x86_64.qcow2.gz?sha256=ffebbd68e8a1f2a245ca19522c16c86f67f9ac8e4e0c1f0a812b068b16f7265d
----
endif::osp+restricted[]
ifdef::vsphere+restricted[]
. In the `install-config.yaml` file, set the value of `platform.vsphere.clusterOSImage` to the image location or name. For example:
+
[source,yaml]
----
platform:
vsphere:
clusterOSImage: http://mirror.example.com/images/rhcos-43.81.201912131630.0-vmware.x86_64.ova?sha256=ffebbd68e8a1f2a245ca19522c16c86f67f9ac8e4e0c1f0a812b068b16f7265d
----
endif::vsphere+restricted[]
ifdef::nutanix+restricted[]
. In the `install-config.yaml` file, set the value of `platform.nutanix.clusterOSImage` to the image location or name. For example:
+
[source,yaml]
----
platform:
nutanix:
clusterOSImage: http://mirror.example.com/images/rhcos-47.83.202103221318-0-nutanix.x86_64.qcow2
----
endif::nutanix+restricted[]
ifdef::restricted[]
. Edit the `install-config.yaml` file to give the additional information that is required for an installation in a restricted network.
.. Update the `pullSecret` value to contain the authentication information for
your registry:
+
[source,yaml]
----
pullSecret: '{"auths":{"<mirror_host_name>:5000": {"auth": "<credentials>","email": "you@example.com"}}}'
----
+
For `<mirror_host_name>`, specify the registry domain name
that you specified in the certificate for your mirror registry, and for
`<credentials>`, specify the base64-encoded user name and password for
your mirror registry.
.. Add the `additionalTrustBundle` parameter and value.
+
[source,yaml]
----
additionalTrustBundle: |
-----BEGIN CERTIFICATE-----
ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
-----END CERTIFICATE-----
----
+
The value must be the contents of the certificate file that you used for your mirror registry. The certificate file can be an existing, trusted certificate authority, or the self-signed certificate that you generated for the mirror registry.
ifdef::aws+restricted[]
.. Define the subnets for the VPC to install the cluster in:
+
[source,yaml]
----
subnets:
- subnet-1
- subnet-2
- subnet-3
----
endif::aws+restricted[]
ifdef::azure+restricted[]
.. Define the network and subnets for the VNet to install the cluster under the `platform.azure` field:
+
[source,yaml]
----
networkResourceGroupName: <vnet_resource_group> <1>
virtualNetwork: <vnet> <2>
controlPlaneSubnet: <control_plane_subnet> <3>
computeSubnet: <compute_subnet> <4>
----
<1> Replace `<vnet_resource_group>` with the resource group name that contains the existing virtual network (VNet).
<2> Replace `<vnet>` with the existing virtual network name.
<3> Replace `<control_plane_subnet>` with the existing subnet name to deploy the control plane machines.
<4> Replace `<compute_subnet>` with the existing subnet name to deploy compute machines.
endif::azure+restricted[]
ifdef::gcp+restricted[]
.. Define the network and subnets for the VPC to install the cluster in under the parent `platform.gcp` field:
+
[source,yaml]
----
network: <existing_vpc>
controlPlaneSubnet: <control_plane_subnet>
computeSubnet: <compute_subnet>
----
+
For `platform.gcp.network`, specify the name for the existing Google VPC. For `platform.gcp.controlPlaneSubnet` and `platform.gcp.computeSubnet`, specify the existing subnets to deploy the control plane machines and compute machines, respectively.
endif::gcp+restricted[]
ifdef::ibm-power-vs+restricted[]
.. Define the network and subnets for the VPC to install the cluster in under the parent `platform.powervs` field:
+
[source,yaml]
----
vpcName: <existing_vpc>
vpcSubnets: <vpcSubnet>
----
+
For `platform.powervs.vpcName`, specify the name for the existing {ibm-cloud-name}. For `platform.powervs.vpcSubnets`, specify the existing subnets.
endif::ibm-power-vs+restricted[]
.. Add the image content resources, which resemble the following YAML excerpt:
+
[source,yaml]
----
imageContentSources:
- mirrors:
- <mirror_host_name>:5000/<repo_name>/release
source: quay.io/openshift-release-dev/ocp-release
- mirrors:
- <mirror_host_name>:5000/<repo_name>/release
source: registry.redhat.io/ocp/release
----
+
ifndef::nutanix[]
For these values, use the `imageContentSources` that you recorded during mirror registry creation.
ifdef::restricted[]
.. Optional: Set the publishing strategy to `Internal`:
+
[source,yaml]
----
publish: Internal
----
+
By setting this option, you create an internal Ingress Controller and a private load balancer.
ifdef::azure[]
+
[IMPORTANT]
====
Azure Firewall link:https://learn.microsoft.com/en-us/azure/firewall/integrate-lb[does not work seamlessly] with Azure Public Load balancers. Thus, when using Azure Firewall for restricting internet access, the `publish` field in `install-config.yaml` should be set to `Internal`.
====
endif::azure[]
endif::restricted[]
endif::nutanix[]
ifdef::nutanix[]
For these values, use the `imageContentSourcePolicy.yaml` file that was created when you mirrored the registry.
endif::nutanix[]
ifndef::nutanix[]
. Make any other modifications to the `install-config.yaml` file that you require. You can find more information about
the available parameters in the *Installation configuration parameters* section.
endif::nutanix[]
endif::restricted[]
ifdef::nutanix[]
. Optional: Update one or more of the default configuration parameters in the `install.config.yaml` file to customize the installation.
+
For more information about the parameters, see "Installation configuration parameters".
+
[NOTE]
====
If you are installing a three-node cluster, be sure to set the `compute.replicas` parameter to `0`. This ensures that cluster's control planes are schedulable. For more information, see "Installing a three-node cluster on {platform}".
====
endif::nutanix[]
. Back up the `install-config.yaml` file so that you can use
it to install multiple clusters.
+
[IMPORTANT]
====
The `install-config.yaml` file is consumed during the installation process. If
you want to reuse the file, you must back it up now.
====
ifdef::azure[]
If previously not detected, the installation program creates an `osServicePrincipal.json` configuration file and stores this file in the `~/.azure/` directory on your computer. This ensures that the installation program can load the profile when it is creating an {product-title} cluster on the target platform.
endif::azure[]
ifdef::osp-user[You now have the file `install-config.yaml` in the directory that you specified.]
ifeval::["{context}" == "installing-alibaba-default"]
:!alibabacloud-default:
endif::[]
ifeval::["{context}" == "installing-alibaba-customizations"]
:!alibabacloud-custom:
endif::[]
ifeval::["{context}" == "installing-alibaba-vpc"]
:!alibabacloud-vpc:
endif::[]
ifeval::["{context}" == "installing-aws-customizations"]
:!aws:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-aws-network-customizations"]
:!aws:
endif::[]
ifeval::["{context}" == "installing-aws-vpc"]
:!aws:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-aws-installer-provisioned"]
:!aws:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-aws-outposts-remote-workers"]
:!aws:
:!aws-outposts:
endif::[]
ifeval::["{context}" == "installing-azure-customizations"]
:!azure:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-azure-network-customizations"]
:!azure:
endif::[]
ifeval::["{context}" == "installing-azure-vnet"]
:!azure:
endif::[]
ifeval::["{context}" == "installing-azure-user-infra"]
:!azure:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-customizations"]
:!gcp:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-network-customizations"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-vpc"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-shared-vpc"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-gcp-user-infra"]
:!gcp:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-gcp-user-infra-vpc"]
:!gcp:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-gcp"]
:!gcp:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-gcp-installer-provisioned"]
:!gcp:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-customizations"]
:!ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-customizations"]
:!ibm-power-vs:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"]
:!ibm-power-vs:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-network-customizations"]
:!ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-vpc"]
:!ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-private"]
:!ibm-cloud:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-custom"]
:!osp:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-kuryr"]
:!osp:
endif::[]
ifeval::["{context}" == "installing-openstack-user"]
:!osp:
:!osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-kuryr"]
:!osp:
:!osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-sr-iov"]
:!osp:
:!osp-user:
endif::[]
ifeval::["{context}" == "installing-openstack-user-sr-iov-kuryr"]
:!osp:
:!osp-user:
endif::[]
ifeval::["{context}" == "installing-vsphere-installer-provisioned-customizations"]
:!vsphere:
:!three-node-cluster:
endif::[]
ifeval::["{context}" == "installing-vsphere-installer-provisioned-network-customizations"]
:!vsphere:
endif::[]
ifeval::["{context}" == "installing-openstack-installer-restricted"]
:!osp:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-installer-provisioned-vsphere"]
:!vsphere:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-nutanix-installer-provisioned"]
:!nutanix:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-nutanix-installer-provisioned"]
:!nutanix:
:!restricted:
endif::[]
:!platform:
ifeval::["{context}" == "installing-restricted-networks-azure-installer-provisioned"]
:!azure:
:!restricted:
endif::[]
ifeval::["{context}" == "installing-restricted-networks-azure-user-provisioned"]
:!azure:
:!restricted:
endif::[]
View Git Blame Copy Permalink