openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
84cfbb08e42a5e033e57e570b2dc89fe4dfe787b
openshift-docs/modules/installation-aws-limits.adoc
Brendan Daly 7709fa2278 OSDOCS-16989_2:updating CQAs
2025-12-16 16:59:59 +00:00

100 lines
4.4 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * installing/installing_aws/installing-aws-account.adoc
:_mod-docs-content-type: CONCEPT
[id="installation-aws-limits_{context}"]
= {aws-short} account limits
[role="_abstract"]
The {product-title} cluster uses several {aws-first}
components, and the default
link:https://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html[Service Limits] affect your ability to install {product-title} clusters.
If you use certain cluster configurations, deploy your cluster in certain {aws-short} regions, or run multiple clusters from your account, you might need
to request additional resources for your {aws-short} account.
The following table summarizes the {aws-short} components whose limits can impact your ability to install and run {product-title} clusters.
[cols="2a,3a,3a,8a",options="header"]
|===
|Component |Number of clusters available by default| Default {aws-short} limit |Description
|Instance Limits
|Varies
|Varies
|By default, each cluster creates the following instances:
* One bootstrap machine, which is removed after installation
* Three control plane nodes
* Three worker nodes
These instance type counts are within a new account's default limit. To deploy more worker nodes, enable autoscaling, deploy large workloads, or use a different instance type, review your account limits to ensure that your cluster can deploy the machines that you need.
In most regions, the worker machines use an `m6i.large` instance
and the bootstrap and control plane machines use `m6i.xlarge` instances. In some regions, including all regions that do not support these instance types, `m5.large` and `m5.xlarge` instances are used instead.
|Elastic IPs (EIPs)
|0 to 1
|5 EIPs per account
|To provision the cluster in a highly available configuration, the installation program
creates a public and private subnet for each
link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html[availability zone within a region].
Each private subnet requires a
link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html[NAT Gateway],
and each NAT gateway requires a separate
link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html[elastic IP].
Review the
link:https://aws.amazon.com/about-aws/global-infrastructure/[AWS region map] to
determine how many availability zones are in each region. To take advantage of the default high availability, install the cluster in a region with at least three availability zones. To install a cluster in a region with more than five availability zones, you must increase the EIP limit.
[IMPORTANT]
====
To use the `us-east-1` region, you must increase the EIP limit for your account.
====
|Virtual Private Clouds (VPCs)
|5
|5 VPCs per region
|Each cluster creates its own VPC.
|Elastic Load Balancing (ELB/NLB)
|3
|20 per region
|By default, each cluster creates internal and external network load balancers for the master
API server and a single Classic Load Balancer for the router. Deploying more Kubernetes `Service` objects with type `LoadBalancer` will create additional
link:https://aws.amazon.com/elasticloadbalancing/[load balancers].
|NAT Gateways
|5
|5 per availability zone
|The cluster deploys one NAT gateway in each availability zone.
|Elastic Network Interfaces (ENIs)
|At least 12
|350 per region
|The default installation creates 21 ENIs and an ENI for each availability zone
in your region. For example, the `us-east-1` region contains six availability zones, so a cluster that is deployed in that zone uses 27 ENIs. Review the
link:https://aws.amazon.com/about-aws/global-infrastructure/[AWS region map] to
determine how many availability zones are in each region.
Additional ENIs are created for additional machines and ELB load balancers that are created by cluster usage and deployed workloads.
|VPC Gateway
|20
|20 per account
|Each cluster creates a single VPC Gateway for S3 access.
|S3 buckets
|99
|100 buckets per account
|Because the installation process creates a temporary bucket and the registry component in each cluster creates a bucket, you can create only 99 {product-title} clusters per {aws-short} account.
|Security Groups
|250
|2,500 per account
|Each cluster creates 10 distinct security groups.
| Fail, optionally surfacing response body to the user
|===
View Git Blame Copy Permalink