openshift-docs/installing/installing_azure/upi/installing-azure-user-infra.adoc

:_mod-docs-content-type: ASSEMBLY
[id="installing-azure-user-infra"]
= Installing a cluster on Azure using ARM templates
include::_attributes/common-attributes.adoc[]
:context: installing-azure-user-infra
:platform: Azure

toc::[]

In {product-title} version {product-version}, you can install a cluster on Microsoft Azure by using infrastructure that you provide.

Several link:https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview[Azure Resource Manager] (ARM) templates are provided to assist in completing these steps or to help model your own.

[IMPORTANT]
====
The steps for performing a user-provisioned infrastructure installation are provided as an example only. Installing a cluster with infrastructure you provide requires knowledge of the cloud provider and the installation process of {product-title}. Several ARM templates are provided to assist in completing these steps or to help model your own. You are also free to create the required resources through other methods; the templates are just an example.
====

== Prerequisites

* You reviewed details about the xref:../../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes.
* You read the documentation on xref:../../../installing/overview/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users].
* You xref:../../../installing/installing_azure/installing-azure-account.adoc#installing-azure-account[configured an Azure account] to host the cluster.
* You downloaded the Azure CLI and installed it on your computer. See link:https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest[Install the Azure CLI] in the Azure documentation. The following documentation was last tested using version `2.49.0` of the Azure CLI. Azure CLI commands might perform differently based on the version you use.
* If the cloud identity and access management (IAM) APIs are not accessible in your environment, or if you do not want to store an administrator-level credential secret in the `kube-system` namespace, see xref:../../../installing/installing_azure/ipi/installing-azure-customizations.adoc#installing-azure-manual-modes_installing-azure-customizations[Alternatives to storing administrator-level secrets in the kube-system project].
* If you use a firewall and plan to use the Telemetry service, you xref:../../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured the firewall to allow the sites] that your cluster requires access to.
+
[NOTE]
====
Be sure to also review this site list if you are configuring a proxy.
====

include::modules/cluster-entitlements.adoc[leveloffset=+1]

[id="installation-azure-user-infra-config-project"]
== Configuring your Azure project

Before you can install {product-title}, you must configure an Azure project to host it.

[IMPORTANT]
====
All Azure resources that are available through public endpoints are subject to resource name restrictions, and you cannot create resources that use certain terms. For a list of terms that Azure restricts, see link:https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-reserved-resource-name[Resolve reserved resource name errors] in the Azure documentation.
====

include::modules/installation-azure-limits.adoc[leveloffset=+2]

[role="_additional-resources"]
.Additional resources

* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage]

include::modules/installation-azure-network-config.adoc[leveloffset=+2]

You can view Azure's DNS solution by visiting this xref:installation-azure-create-dns-zones_{context}[example for creating DNS zones].

include::modules/csr-management.adoc[leveloffset=+2]

include::modules/installation-azure-subscription-tenant-id.adoc[leveloffset=+2]

include::modules/installation-azure-identities.adoc[leveloffset=+2]

include::modules/minimum-required-permissions-upi-azure.adoc[leveloffset=+2]

include::modules/installation-using-azure-managed-identities.adoc[leveloffset=+2]

include::modules/installation-creating-azure-service-principal.adoc[leveloffset=+2]

[role="_additional-resources"]
.Additional resources

* For more information about CCO modes, see xref:../../../authentication/managing_cloud_provider_credentials/about-cloud-credential-operator.adoc#about-cloud-credential-operator-modes[About the Cloud Credential Operator].

include::modules/installation-azure-regions.adoc[leveloffset=+2]

[id="installation-requirements-user-infra_{context}"]
== Requirements for a cluster with user-provisioned infrastructure

For a cluster that contains user-provisioned infrastructure, you must deploy all
of the required machines.

This section describes the requirements for deploying {product-title} on user-provisioned infrastructure.

include::modules/installation-machine-requirements.adoc[leveloffset=+2]

include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2]

[role="_additional-resources"]
.Additional resources

* xref:../../../scalability_and_performance/optimization/optimizing-storage.adoc#optimizing-storage[Optimizing storage]

include::modules/installation-azure-tested-machine-types.adoc[leveloffset=+2]

include::modules/installation-azure-arm-tested-machine-types.adoc[leveloffset=+2]

include::modules/installation-azure-marketplace-subscribe.adoc[leveloffset=+1]

include::modules/installation-obtaining-installer.adoc[leveloffset=+1]

include::modules/ssh-agent-using.adoc[leveloffset=+1]

include::modules/installation-user-infra-generate.adoc[leveloffset=+1]

include::modules/installation-disk-partitioning-upi-templates.adoc[leveloffset=+2]

include::modules/installation-initializing.adoc[leveloffset=+2]

include::modules/installation-configure-proxy.adoc[leveloffset=+2]

//include::modules/installation-three-node-cluster.adoc[leveloffset=+2]
include::modules/installation-user-infra-exporting-common-variables-arm-templates.adoc[leveloffset=+2]

include::modules/installation-user-infra-generate-k8s-manifest-ignition.adoc[leveloffset=+2]

include::modules/installation-azure-create-resource-group-and-identity.adoc[leveloffset=+1]

include::modules/installation-azure-user-infra-uploading-rhcos.adoc[leveloffset=+1]

include::modules/installation-azure-create-dns-zones.adoc[leveloffset=+1]

You can learn more about xref:installation-azure-network-config_{context}[configuring a public DNS zone in Azure] by visiting that section.

include::modules/installation-creating-azure-vnet.adoc[leveloffset=+1]

include::modules/installation-arm-vnet.adoc[leveloffset=+2]

include::modules/installation-azure-user-infra-deploying-rhcos.adoc[leveloffset=+1]

include::modules/installation-arm-image-storage.adoc[leveloffset=+2]

include::modules/installation-network-user-infra.adoc[leveloffset=+1]

include::modules/installation-creating-azure-dns.adoc[leveloffset=+1]

include::modules/installation-arm-dns.adoc[leveloffset=+2]

include::modules/installation-creating-azure-bootstrap.adoc[leveloffset=+1]

include::modules/installation-arm-bootstrap.adoc[leveloffset=+2]

include::modules/installation-creating-azure-control-plane.adoc[leveloffset=+1]

include::modules/installation-arm-control-plane.adoc[leveloffset=+2]

include::modules/installation-azure-user-infra-wait-for-bootstrap.adoc[leveloffset=+1]

include::modules/installation-creating-azure-worker.adoc[leveloffset=+1]

include::modules/installation-arm-worker.adoc[leveloffset=+2]

include::modules/cli-installing-cli.adoc[leveloffset=+1]

include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1]

include::modules/installation-approve-csrs.adoc[leveloffset=+1]

include::modules/installation-azure-create-ingress-dns-records.adoc[leveloffset=+1]

include::modules/installation-azure-user-infra-completing.adoc[leveloffset=+1]

include::modules/cluster-telemetry.adoc[leveloffset=+1]

[role="_additional-resources"]
.Additional resources

* See xref:../../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] for more information about the Telemetry service