openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
8e9cae1cca47c0d77cc569059f1b98353ff2aed7
openshift-docs/modules/private-clusters-default.adoc
dfitzmau 96ba14be71 ibm-name-clean-up
2023-11-15 11:13:03 +00:00

106 lines
4.1 KiB
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * installing/installing_aws/installing-aws-china.adoc
// * installing/installing_aws/installing-aws-government-region.adoc
// * installing/installing_aws/installing-aws-private.adoc
// * installing/installing_aws/installing-aws-secret-region.adoc
// * installing/installing_gcp/installing-gcp-private.adoc
// * installing/installing_azure/installing-azure-government-region.adoc
// * installing/installing_azure/installing-azure-private.adoc
// * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc
[id="private-clusters-default_{context}"]
= Private clusters
ifeval::["{context}" == "installing-aws-government-region"]
:aws-gov:
endif::[]
ifeval::["{context}" == "installing-aws-china-region"]
:aws-china:
endif::[]
ifeval::["{context}" == "installing-aws-secret-region"]
:aws-secret:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-private"]
:ibm-cloud-private:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"]
:ibm-power-vs-private:
endif::[]
You can deploy a private {product-title} cluster that does not expose external endpoints. Private clusters are accessible from only an internal network and are not visible to the internet.
ifdef::aws-gov[]
[NOTE]
====
Public zones are not supported in Route 53 in an AWS GovCloud Region. Therefore, clusters
must be private if they are deployed to an AWS GovCloud Region.
====
endif::aws-gov[]
ifdef::aws-secret[]
[NOTE]
====
Public zones are not supported in Route 53 in an AWS Top Secret Region. Therefore, clusters
must be private if they are deployed to an AWS Top Secret Region.
====
endif::aws-secret[]
By default, {product-title} is provisioned to use publicly-accessible DNS and endpoints. A private cluster sets the DNS, Ingress Controller, and API server to private when you deploy your cluster. This means that the cluster resources are only accessible from your internal network and are not visible to the internet.
include::snippets/snip-private-clusters-public-ingress.adoc[]
To deploy a private cluster, you must:
ifndef::ibm-power-vs-private[]
* Use existing networking that meets your requirements. Your cluster resources might be shared between other clusters on the network.
endif::ibm-power-vs-private[]
ifdef::ibm-power-vs-private[]
* Use existing networking that meets your requirements.
endif::ibm-power-vs-private[]
ifdef::ibm-cloud-private,ibm-power-vs-private[]
* Create a DNS zone using {ibm-cloud-name} DNS Services and specify it as the base domain of the cluster. For more information, see "Using {ibm-cloud-name} DNS Services to configure DNS resolution".
endif::ibm-cloud-private,ibm-power-vs-private[]
* Deploy from a machine that has access to:
** The API services for the cloud to which you provision.
** The hosts on the network that you provision.
** The internet to obtain installation media.
ifndef::aws-china[]
You can use any machine that meets these access requirements and follows your company's guidelines. For example, this machine can be a bastion host on your cloud network or a machine that has access to the network through a VPN.
endif::aws-china[]
ifdef::aws-china[]
You can use any machine that meets these access requirements and follows your company's guidelines. For example, this machine can be a bastion host on your cloud network.
endif::aws-china[]
ifdef::aws-china[]
[NOTE]
====
AWS China does not support a VPN connection between the VPC and your network. For more information about the Amazon VPC service in the Beijing and Ningxia regions, see link:https://docs.amazonaws.cn/en_us/aws/latest/userguide/vpc.html[Amazon Virtual Private Cloud] in the AWS China documentation.
====
endif::aws-china[]
ifeval::["{context}" == "installing-aws-government-region"]
:!aws-gov:
endif::[]
ifeval::["{context}" == "installing-aws-china-region"]
:!aws-china:
endif::[]
ifeval::["{context}" == "installing-aws-secret-region"]
:!aws-secret:
endif::[]
ifeval::["{context}" == "installing-ibm-cloud-private"]
:!ibm-cloud-private:
endif::[]
ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"]
:!ibm-power-vs-private:
endif::[]
View Git Blame Copy Permalink