diff --git a/installing/installing-gather-logs.adoc b/installing/installing-gather-logs.adoc index c1c8802f2744..8b794c7094c3 100644 --- a/installing/installing-gather-logs.adoc +++ b/installing/installing-gather-logs.adoc @@ -10,7 +10,7 @@ gather logs from the bootstrap and control plane, or master, machines. .Prerequisites -* You attempted to install a {product-title} cluster, and installation failed. +* You attempted to install an {product-title} cluster, and installation failed. * You provided an SSH key to the installation program, and that key is in your running `ssh-agent` process. diff --git a/installing/installing_aws/installing-aws-customizations.adoc b/installing/installing_aws/installing-aws-customizations.adoc index 8727bd2e819a..d74ed4ab6b78 100644 --- a/installing/installing_aws/installing-aws-customizations.adoc +++ b/installing/installing_aws/installing-aws-customizations.adoc @@ -1,14 +1,14 @@ [id="installing-aws-customizations"] = Installing a cluster on AWS with customizations include::modules/common-attributes.adoc[] -:context: install-customizations-cloud +:context: installing-aws-customizations toc::[] In {product-title} version {product-version}, you can install a customized cluster on infrastructure that the installation program provisions on Amazon Web Services (AWS). To customize the installation, you modify -some parameters in the `install-config.yaml` file before you install the cluster. +parameters in the `install-config.yaml` file before you install the cluster. .Prerequisites diff --git a/installing/installing_aws_user_infra/installing-aws-user-infra.adoc b/installing/installing_aws_user_infra/installing-aws-user-infra.adoc index 07d24f6d79b6..fe9f3ab5adb5 100644 --- a/installing/installing_aws_user_infra/installing-aws-user-infra.adoc +++ b/installing/installing_aws_user_infra/installing-aws-user-infra.adoc @@ -1,5 +1,5 @@ [id="installing-aws-user-infra"] -= Installing a cluster on AWS using CloudFormation templates += Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates include::modules/common-attributes.adoc[] :context: installing-aws-user-infra diff --git a/installing/installing_azure/installing-azure-customizations.adoc b/installing/installing_azure/installing-azure-customizations.adoc index 5d5a7badffbc..1ea78d2e5963 100644 --- a/installing/installing_azure/installing-azure-customizations.adoc +++ b/installing/installing_azure/installing-azure-customizations.adoc @@ -8,7 +8,7 @@ toc::[] In {product-title} version {product-version}, you can install a customized cluster on infrastructure that the installation program provisions on Microsoft Azure. To customize the installation, you modify -some parameters in the `install-config.yaml` file before you install the cluster. +parameters in the `install-config.yaml` file before you install the cluster. .Prerequisites diff --git a/installing/installing_gcp/installing-gcp-customizations.adoc b/installing/installing_gcp/installing-gcp-customizations.adoc index a090667ef9ba..258aca59b3cb 100644 --- a/installing/installing_gcp/installing-gcp-customizations.adoc +++ b/installing/installing_gcp/installing-gcp-customizations.adoc @@ -8,7 +8,7 @@ toc::[] In {product-title} version {product-version}, you can install a customized cluster on infrastructure that the installation program provisions on Google Cloud Platform (GCP). To customize the installation, you modify -some parameters in the `install-config.yaml` file before you install the cluster. +parameters in the `install-config.yaml` file before you install the cluster. .Prerequisites diff --git a/installing/installing_restricted_networks/installing-restricted-networks-aws.adoc b/installing/installing_restricted_networks/installing-restricted-networks-aws.adoc index 979d132241f0..888d8704b2c8 100644 --- a/installing/installing_restricted_networks/installing-restricted-networks-aws.adoc +++ b/installing/installing_restricted_networks/installing-restricted-networks-aws.adoc @@ -11,7 +11,7 @@ an internal mirror of the installation release content. [IMPORTANT] ==== -While you can install a {product-title} cluster by using mirrored installation +While you can install an {product-title} cluster by using mirrored installation release content, your cluster still requires internet access to use the AWS APIs. ==== diff --git a/modules/architecture-platform-benefits.adoc b/modules/architecture-platform-benefits.adoc index 66502c331c9a..038178fdfc2f 100644 --- a/modules/architecture-platform-benefits.adoc +++ b/modules/architecture-platform-benefits.adoc @@ -12,24 +12,16 @@ continues as one of the largest contributors to Kubernetes across a wide range of technology areas. //// -{product-title} provides enterprise-ready enhancements to Kubernetes, including -the following enhancements: +{product-title} provides enterprise-ready enhancements to Kubernetes, including the following enhancements: ifdef::openshift-origin,openshift-enterprise[] -* Hybrid cloud deployments. You can deploy {product-title} clusters to variety -of public cloud platforms or in your data center. +* Hybrid cloud deployments. You can deploy {product-title} clusters to variety of public cloud platforms or in your data center. endif::[] ifdef::openshift-dedicated[] -* {product-title} clusters are deployed on AWS environments and can be used -as part of a hybrid approach for application management. +* {product-title} clusters are deployed on AWS environments and can be used as part of a hybrid approach for application management. endif::[] -* Integrated Red Hat technology. Major components in {product-title} come from -Red Hat Enterprise Linux and related Red Hat technologies. {product-title} -benefits from the intense testing and certification initiatives for Red Hat’s -enterprise quality software. -* Open source development model. Development is completed in the open, and the -source code is available from public software repositories. The open -collaboration fosters rapid innovation and development. +* Integrated Red Hat technology. Major components in {product-title} come from Red Hat Enterprise Linux and related Red Hat technologies. {product-title} benefits from the intense testing and certification initiatives for Red Hat’s enterprise quality software. +* Open source development model. Development is completed in the open, and the source code is available from public software repositories. This open collaboration fosters rapid innovation and development. Although Kubernetes excels at managing your applications, it does not specify or manage platform-level requirements or deployment processes. Powerful and @@ -40,7 +32,7 @@ unique features and benefits of {product-title}. [id="architecture-custom-os_{context}"] == Custom operating system -{product-title} uses {op-system-first}, a new container-oriented operating +{product-title} uses {op-system-first}, a container-oriented operating system that combines some of the best features and functions of the CoreOS and Red Hat Atomic Host operating systems. {op-system} is specifically designed for running containerized applications from {product-title} and works with new tools @@ -48,11 +40,8 @@ to provide fast installation, Operator-based management, and simplified upgrades {op-system} includes: -* Ignition, which is a firstboot system configuration for initially bringing up and -configuring {product-title} nodes. -* cri-o, a Kubernetes native container runtime implementation that integrates -closely with the operating system to deliver an efficient and optimized -Kubernetes experience. +* Ignition, which {product-title} uses as a firstboot system configuration for initially bringing up and configuring machines. +* CRI-O, a Kubernetes native container runtime implementation that integrates closely with the operating system to deliver an efficient and optimized Kubernetes experience. CRI-O provides facilities for running, stopping, and restarting containers. It fully replaces the Docker Container Engine , which was used in {product-title} 3. * Kubelet, the primary node agent for Kubernetes that is responsible for launching and monitoring containers. @@ -84,20 +73,13 @@ process, but you must perform more tasks to upgrade the RHEL machines. Operators are both the fundamental unit of the {product-title} {product-version} code base and a convenient way to deploy applications and software components -for your applications to use. By using Operators as the platform foundation, -{product-title} replace manual upgrades of operating -systems and control plane applications. {product-title} Operators such as the +for your applications to use. In {product-title}, Operators serve as the platform foundation and remove the need for manual upgrades of operating systems and control plane applications. {product-title} Operators such as the Cluster Version Operator and Machine Config Operator allow simplified, cluster-wide management of those critical components. Operator Lifecycle Manager (OLM) and the OperatorHub provide facilities for storing and distributing Operators to people developing and deploying applications. -CRI-O Container Engine is the streamlined container engine that is is developed in -tandem with Kubernetes releases and provides facilities for running, stopping, -and restarting containers. It fully replaces the Docker Container Engine in -{product-title} {product-version}. - The Red Hat Quay Container Registry is a Quay.io container registry that serves most of the container images and Operators to {product-title} clusters. Quay.io is a public registry version of Red Hat Quay that stores millions of images @@ -146,17 +128,3 @@ The following figure illustrates the basic {product-title} lifecycle: .High level {product-title} overview image::product-workflow-overview.png[High-level {product-title} flow] - -[id="architecture-3-4_{context}"] -== {product-title} 3 and 4 -With {product-title} {product-version}, the core story remains unchanged: -{product-title} offers -your developers a set of tools to evolve their applications under operational oversight -and using Kubernetes to provide application infrastructure. The key change to -{product-title} {product-version} is -that the infrastructure and its management are flexible, automated, and self-managing. - -A major difference between {product-title} 3 and {product-title} {product-version} -is that {product-title} {product-version} uses Operators -as both the fundamental unit of the product and an option for easily deploying -and managing utilities that your apps use. diff --git a/modules/architecture-platform-introduction.adoc b/modules/architecture-platform-introduction.adoc index 5d812a298161..9f71ccf9cbfb 100644 --- a/modules/architecture-platform-introduction.adoc +++ b/modules/architecture-platform-introduction.adoc @@ -11,7 +11,7 @@ thousands of machines that serve millions of clients. With its foundation in Kubernetes, {product-title} incorporates the same technology that serves as the engine for massive telecommunications, streaming -video, gaming, banking and other applications. Its implementation in open +video, gaming, banking, and other applications. Its implementation in open Red Hat technologies lets you extend your containerized applications beyond a single cloud to on-premise and multi-cloud environments. @@ -20,4 +20,4 @@ single cloud to on-premise and multi-cloud environments. // * Major components of {product-title} // * Ways of exploring different aspects of {product-title} yourself // * Available frontdoors (and backdoors) to modify the installation and management of your {product-title} cluster -// * Different types of container application types \ No newline at end of file +// * Different types of container application types diff --git a/modules/cli-installing-cli.adoc b/modules/cli-installing-cli.adoc index c03cfab42ccb..1996116a4439 100644 --- a/modules/cli-installing-cli.adoc +++ b/modules/cli-installing-cli.adoc @@ -24,7 +24,7 @@ command-line interface. [IMPORTANT] ==== If you installed an earlier version of `oc`, you cannot use it to complete all -of the commands in {product-title} {product-version}. You must download and +of the commands in {product-title} {product-version}. Download and install the new version of `oc`. ==== diff --git a/modules/installation-aws-config-yaml.adoc b/modules/installation-aws-config-yaml.adoc index 6155b8e4230e..3e00a112e673 100644 --- a/modules/installation-aws-config-yaml.adoc +++ b/modules/installation-aws-config-yaml.adoc @@ -109,7 +109,5 @@ machines in your cluster. + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== diff --git a/modules/installation-aws-limits.adoc b/modules/installation-aws-limits.adoc index c9f639097672..691705234461 100644 --- a/modules/installation-aws-limits.adoc +++ b/modules/installation-aws-limits.adoc @@ -95,8 +95,7 @@ that are created by cluster usage and deployed workloads. |VPC Gateway |20 |20 per account -|Your AWS account uses VPC Gateways for S3 access. Each cluster creates a single -VPC Gateway for S3 access. +|Each cluster creates a single VPC Gateway for S3 access. |S3 buckets diff --git a/modules/installation-aws-user-infra-bootstrap.adoc b/modules/installation-aws-user-infra-bootstrap.adoc index e1700acffb40..d95586bc3c33 100644 --- a/modules/installation-aws-user-infra-bootstrap.adoc +++ b/modules/installation-aws-user-infra-bootstrap.adoc @@ -27,7 +27,7 @@ following command: + ---- $ ./openshift-install wait-for bootstrap-complete --dir= \ <1> - --log-level info <2> + --log-level=info <2> ---- <1> For ``, specify the path to the directory that you stored the installation files in. diff --git a/modules/installation-aws-user-infra-requirements.adoc b/modules/installation-aws-user-infra-requirements.adoc index ef045949ecbb..8225b6b34cc6 100644 --- a/modules/installation-aws-user-infra-requirements.adoc +++ b/modules/installation-aws-user-infra-requirements.adoc @@ -3,6 +3,8 @@ // * installing/installing_aws_user_infra/installing-aws-user-infra.adoc // * installing/installing_restricted_networks/installing-restricted-networks-aws.adoc + + [id="installation-aws-user-infra-requirements_{context}"] = Required AWS infrastructure components @@ -37,9 +39,8 @@ control plane initializes and you can access the cluster API by using the `oc` command line interface. //// -You can use the following instance types for the cluster machines: +You can use the following instance types for the cluster machines with the provided CloudFormation templates. -.Valid instance types for machines [IMPORTANT] ==== @@ -47,6 +48,7 @@ If `m4` instance types are not available in your region, such as with `eu-west-3`, use `m5` types instead. ==== +.Instance types for machines [cols="2a,2a,2a,2a",options="header"] |=== @@ -152,13 +154,15 @@ If `m4` instance types are not available in your region, such as with |=== +You might be able to use other instance types that meet the specifications of these instance types. + [id="installation-aws-user-infra-other-infrastructure_{context}"] == Other infrastructure components * A VPC * DNS entries * Load balancers and listeners -* A Route53 zone +* A public and a private Route53 zone * Security groups * IAM roles * S3 buckets @@ -178,8 +182,8 @@ machines. |VPC |* `AWS::EC2::VPC` * `AWS::EC2::VPCEndpoint` -2+|You must provide a public VPC for the cluster to use. The VPC requires an -endpoint that references the route tables for each subnet. +2+|You must provide a public VPC for the cluster to use. The VPC uses an +endpoint that references the route tables for each subnet to improve communication with the registry that is hosted in S3. |Public subnets |* `AWS::EC2::Subnet` @@ -193,12 +197,11 @@ and associate them with appropriate Ingress rules. * `AWS::EC2::VPCGatewayAttachment` * `AWS::EC2::RouteTable` * `AWS::EC2::Route` -* `PublicSubnetRouteTableAssociation` +* `AWS::EC2::SubnetRouteTableAssociation` * `AWS::EC2::NatGateway` * `AWS::EC2::EIP` 2+|You must have a public internet gateway, with public routes, attached to the -VPC. Each public subnet must also be attached to the route and have a NAT -gateway and EIP address. +VPC. In the provided templates, each public subnet has a NAT gateway with an EIP address. These NAT gateways allow cluster resources, like private-subnet instances, to reach the internet and are not required for some restricted network or proxy scenarios. .7+|Network access control .7+| * `AWS::EC2::NetworkAcl` @@ -306,7 +309,7 @@ within the cluster. |Internal target group |`AWS::ElasticLoadBalancingV2::TargetGroup` -|The target group for the Internal load balancer. +|The target group for the internal load balancer. |=== diff --git a/modules/installation-aws-user-infra-rhcos-ami.adoc b/modules/installation-aws-user-infra-rhcos-ami.adoc index 7c70509487d0..3edb0c650ec2 100644 --- a/modules/installation-aws-user-infra-rhcos-ami.adoc +++ b/modules/installation-aws-user-infra-rhcos-ami.adoc @@ -18,48 +18,48 @@ You must use a valid {op-system-first} AMI for your Amazon Web Services |AWS AMI |`ap-northeast-1` -|`ami-0c63b39219b8123e5` +|`ami-0426ca3481a088c7b` |`ap-northeast-2` -|`ami-073cba0913d2250a4` +|`ami-014514ae47679721b` |`ap-south-1` -|`ami-0270be11430101040` +|`ami-0bd772ba746948d9a` |`ap-southeast-1` -|`ami-06eb9d35ede4f08a3` +|`ami-0d76ac0ebaac29e40` |`ap-southeast-2` -|`ami-0d980796ce258b5d5` +|`ami-0391e92574fb09e08` |`ca-central-1` -|`ami-0f907257d1686e3f7` +|`ami-04419691da69850cf` |`eu-central-1` -|`ami-02fdd627029c0055b` +|`ami-092b69120ecf915ed` |`eu-west-1` -|`ami-0d4839574724ed3fa` +|`ami-04370efd78434697b` |`eu-west-2` -|`ami-053073b95aa285347` +|`ami-00c74e593125e0096` |`eu-west-3` -|`ami-09deb5deb6567bcd5` +|`ami-058ad17da14ff4d0d` |`sa-east-1` -|`ami-068a2000546e1889d` +|`ami-03f6b71e93e630dab` |`us-east-1` -|`ami-046fe691f52a953f9` +|`ami-01e7fdcb66157b224` |`us-east-2` -|`ami-0649fd5d42859bdfc` +|`ami-0bc59aaa7363b805d` |`us-west-1` -|`ami-0c1d2b5606111ac8c` +|`ami-0ba912f53c1fdcdf0` |`us-west-2` -|`ami-00745fcbb14a863ed` +|`ami-08e10b201e19fd5e7` |=== diff --git a/modules/installation-azure-config-yaml.adoc b/modules/installation-azure-config-yaml.adoc index e4a0c57b177c..c87765c1700a 100644 --- a/modules/installation-azure-config-yaml.adoc +++ b/modules/installation-azure-config-yaml.adoc @@ -86,5 +86,5 @@ If you disable simultaneous multithreading, ensure that your capacity planning a + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== diff --git a/modules/installation-bare-metal-config-yaml.adoc b/modules/installation-bare-metal-config-yaml.adoc index 4837ea8c18ce..c502c1c4eda2 100644 --- a/modules/installation-bare-metal-config-yaml.adoc +++ b/modules/installation-bare-metal-config-yaml.adoc @@ -120,9 +120,7 @@ endif::restricted[] + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== ifdef::restricted[] <13> Provide the contents of the certificate file that you used for your mirror diff --git a/modules/installation-configuration-parameters.adoc b/modules/installation-configuration-parameters.adoc index 8f2764dbdf09..cab053655252 100644 --- a/modules/installation-configuration-parameters.adoc +++ b/modules/installation-configuration-parameters.adoc @@ -7,7 +7,7 @@ // * installing/installing_openstack/installing-openstack-installer-custom.adoc // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc -ifeval::["{context}" == "install-customizations-cloud"] +ifeval::["{context}" == "installing-aws-customizations"] :aws: endif::[] ifeval::["{context}" == "installing-aws-network-customizations"] @@ -45,7 +45,7 @@ command line. If you customize your cluster, you can modify the [NOTE] ==== -You cannot modify these parameters after installation. +You cannot modify these parameters in the `install-config.yaml` file after installation. ==== .Required parameters @@ -115,9 +115,7 @@ container images for {product-title} components. |The SSH key to use to access your cluster machines. [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== |A valid, local public SSH key that you added to the `ssh-agent` process. diff --git a/modules/installation-configure-proxy.adoc b/modules/installation-configure-proxy.adoc index bc3148a35370..7d85697dc389 100644 --- a/modules/installation-configure-proxy.adoc +++ b/modules/installation-configure-proxy.adoc @@ -54,7 +54,7 @@ proxy: noProxy: example.com <3> additionalTrustBundle: | <4> -----BEGIN CERTIFICATE----- - + -----END CERTIFICATE----- ... ---- diff --git a/modules/installation-dns-user-infra.adoc b/modules/installation-dns-user-infra.adoc index e4b63b50d6e9..dc9947d8d2da 100644 --- a/modules/installation-dns-user-infra.adoc +++ b/modules/installation-dns-user-infra.adoc @@ -10,7 +10,7 @@ [id="installation-dns-user-infra_{context}"] = User-provisioned DNS requirements -The following DNS records are required for a {product-title} cluster that uses +The following DNS records are required for an {product-title} cluster that uses user-provisioned infrastructure. In each record, `` is the cluster name and `` is the cluster base domain that you specify in the `install-config.yaml` file. @@ -53,7 +53,7 @@ and from all the nodes within the cluster. control plane machines that host the instances. The etcd instances are differentiated by `` values, which start with `0` and end with `n-1`, where `n` is the number of control plane machines in the cluster. The DNS -record must resolve to an unicast IPV4 address for the control plane machine, +record must resolve to an unicast IPv4 address for the control plane machine, and the records must be resolvable from all the nodes in the cluster. |`_etcd-server-ssl._tcp..` diff --git a/modules/installation-gcp-config-yaml.adoc b/modules/installation-gcp-config-yaml.adoc index 483731b2a804..dd8ab53aeff6 100644 --- a/modules/installation-gcp-config-yaml.adoc +++ b/modules/installation-gcp-config-yaml.adoc @@ -81,5 +81,5 @@ If you disable simultaneous multithreading, ensure that your capacity planning a + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== diff --git a/modules/installation-generate-aws-user-infra-ignition.adoc b/modules/installation-generate-aws-user-infra-ignition.adoc index 718d152628b1..c43564a52e51 100644 --- a/modules/installation-generate-aws-user-infra-ignition.adoc +++ b/modules/installation-generate-aws-user-infra-ignition.adoc @@ -3,6 +3,10 @@ // * installing/installing_aws_user_infra/installing-aws-user-infra.adoc // * installing/installing_restricted_networks/installing-restricted-networks-aws.adoc +ifeval::["{context}" == "installing-restricted-networks-aws"] +:restricted: +endif::[] + [id="installation-generate-aws-user-infra-ignition_{context}"] = Creating the Kubernetes manifest and Ignition config files @@ -28,10 +32,7 @@ endif::restricted[] .Procedure -. Remove the Kubernetes manifest files for the control plane machines. By -removing these files, you prevent the cluster from automatically generating -control plane machines. -.. Generate the Kubernetes manifests for the cluster: +. Generate the Kubernetes manifests for the cluster: + ---- $ ./openshift-install create manifests --dir= <1> @@ -44,13 +45,15 @@ contains the `install-config.yaml` file you created. + Because you create your own compute machines later in the installation process, you can safely ignore this warning. -.. Remove the files that define the control plane machines: + +. Remove the Kubernetes manifest files that define the control plane machines: + ---- $ rm -f openshift/99_openshift-cluster-api_master-machines-*.yaml ---- ++ +By removing these files, you prevent the cluster from automatically generating control plane machines. -ifeval::["{context}" == "installing-aws-user-infra"] . Remove the Kubernetes manifest files that define the worker machines: + ---- @@ -59,7 +62,6 @@ $ rm -f openshift/99_openshift-cluster-api_worker-machineset-* + Because you create and manage the worker machines yourself, you do not need to initialize these machines. -endif::[] . Obtain the Ignition config files: + diff --git a/modules/installation-generate-aws-user-infra-install-config.adoc b/modules/installation-generate-aws-user-infra-install-config.adoc index d460b6d4af5a..b53ba048853c 100644 --- a/modules/installation-generate-aws-user-infra-install-config.adoc +++ b/modules/installation-generate-aws-user-infra-install-config.adoc @@ -46,9 +46,7 @@ when copying installation files from an earlier {product-title} version. + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== ... Select *aws* as the platform to target. ... If you do not have an AWS profile stored on your computer, enter the AWS diff --git a/modules/installation-infrastructure-user-infra.adoc b/modules/installation-infrastructure-user-infra.adoc index dd7db905716d..a2b78629a68a 100644 --- a/modules/installation-infrastructure-user-infra.adoc +++ b/modules/installation-infrastructure-user-infra.adoc @@ -8,7 +8,7 @@ [id="installation-infrastructure-user-infra_{context}"] = Creating the user-provisioned infrastructure -Before you deploy a {product-title} cluster that uses user-provisioned +Before you deploy an {product-title} cluster that uses user-provisioned infrastructure, you must create the underlying infrastructure. .Prerequistes diff --git a/modules/installation-initializing.adoc b/modules/installation-initializing.adoc index 8702a4785f4c..9fb32f3eeaea 100644 --- a/modules/installation-initializing.adoc +++ b/modules/installation-initializing.adoc @@ -7,8 +7,9 @@ // * installing/installing_openstack/installing-openstack-installer-custom.adoc // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc // Consider also adding the installation-configuration-parameters.adoc module. +//YOU MUST SET AN IFEVAL FOR EACH NEW MODULE -ifeval::["{context}" == "install-customizations-cloud"] +ifeval::["{context}" == "installing-aws-customizations"] :aws: endif::[] ifeval::["{context}" == "installing-aws-network-customizations"] @@ -30,7 +31,19 @@ endif::[] [id="installation-initializing_{context}"] = Creating the installation configuration file -You can customize your installation of {product-title} on a compatible cloud. +You can customize your installation of {product-title} on +ifdef::aws[] +Amazon Web Services (AWS). +endif::aws[] +ifdef::azure[] +Microsoft Azure. +endif::azure[] +ifdef::gcp[] +Google Cloud Platform (GCP). +endif::gcp[] +ifdef::osp[] +OpenStack. +endif::osp[] .Prerequisites @@ -61,9 +74,7 @@ when copying installation files from an earlier {product-title} version. + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== ifdef::aws[] ... Select *AWS* as the platform to target. @@ -131,9 +142,7 @@ endif::gcp[] link:https://cloud.redhat.com/openshift/install[OpenShift Infrastructure Providers] page. . Modify the `install-config.yaml` file. You can find more information about -the available parameters in the *Installation configuration parameters* section -and in the -link:https://godoc.org/github.com/openshift/installer/pkg/types#InstallConfig[Go documentation]. +the available parameters in the *Installation configuration parameters* section. . Back up the `install-config.yaml` file so that you can use it to install multiple clusters. diff --git a/modules/installation-installing-bare-metal.adoc b/modules/installation-installing-bare-metal.adoc index 86599c9f9c1e..0b2d11b90cd6 100644 --- a/modules/installation-installing-bare-metal.adoc +++ b/modules/installation-installing-bare-metal.adoc @@ -27,7 +27,7 @@ cluster. + ---- $ ./openshift-install --dir= wait-for bootstrap-complete \ <1> - --log-level info <2> + --log-level=info <2> INFO Waiting up to 30m0s for the Kubernetes API at https://api.test.example.com:6443... INFO API v1.14.6+c4799753c up diff --git a/modules/installation-launching-installer.adoc b/modules/installation-launching-installer.adoc index 627c774debb5..987f853768f1 100644 --- a/modules/installation-launching-installer.adoc +++ b/modules/installation-launching-installer.adoc @@ -13,7 +13,7 @@ // If you use this module in any other assembly, you must update the ifeval // statements. -ifeval::["{context}" == "install-customizations-cloud"] +ifeval::["{context}" == "installing-aws-customizations"] :custom-config: :aws: endif::[] @@ -60,7 +60,7 @@ You can install {product-title} on a compatible cloud. [IMPORTANT] ==== -You can run the installation program only once, during initial installation. +You can run the `create cluster` command of the installation program only once, during initial installation. ==== .Prerequisites @@ -85,7 +85,7 @@ endif::gcp[] + ---- $ ./openshift-install create cluster --dir= \ <1> - --log-level info <2> + --log-level=info <2> ---- <1> For ``, specify the ifdef::custom-config[] @@ -115,9 +115,7 @@ Provide values at the prompts: + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== ifdef::aws[] .. Select *aws* as the platform to target. diff --git a/modules/installation-network-user-infra.adoc b/modules/installation-network-user-infra.adoc index 26425bc05147..f2b6697f4037 100644 --- a/modules/installation-network-user-infra.adoc +++ b/modules/installation-network-user-infra.adoc @@ -21,7 +21,7 @@ addresses and host names to the cluster machines. The Kubernetes API server must be able to resolve the node names of the cluster machines. If the API servers and worker nodes are in different zones, you can configure a default DNS search zone to allow the API server to resolve the -node names. Another acceptable approach is to always refer to hosts by their +node names. Another supported approach is to always refer to hosts by their fully-qualified domain names in both the node objects and all DNS requests. You must configure the network connectivity between machines to allow cluster @@ -29,9 +29,14 @@ components to communicate. Each machine must be able to resolve the host names of all other machines in the cluster. .All machines to all machines -[cols="2a,5a",options="header"] +[cols="2a,2a,5a",options="header"] |=== +|Protocol +|Port +|Description + +.5+|TCP |`2379`-`2380` |etcd server, peer, and metrics ports @@ -48,6 +53,17 @@ the Cluster Version Operator on port `9099`. |`10256` |openshift-sdn + +.4+|UDP +|`4789` +|VXLAN and GENEVE + +|`6081` +|VXLAN and GENEVE + +|`9000`-`9999` +|Host level services, including the node exporter on ports `9100`-`9101`. + |`30000`-`32767` |Kubernetes NodePort diff --git a/modules/installation-osp-default-deployment.adoc b/modules/installation-osp-default-deployment.adoc index 2beeee22cd18..448ef8f0a83d 100644 --- a/modules/installation-osp-default-deployment.adoc +++ b/modules/installation-osp-default-deployment.adoc @@ -40,7 +40,7 @@ A cluster might function with fewer than recommended resources, but its performa [NOTE] By default, your security group and security group rule quotas might be low. If you encounter problems, run `openstack quota set --secgroups 3 --secgroup-rules 60 ` to increase them. -A {product-title} deployment comprises control plane machines, compute machines, and a bootstrap machine. +An {product-title} deployment comprises control plane machines, compute machines, and a bootstrap machine. [id="control-compute-machines_{context}"] == Control plane and compute machines diff --git a/modules/installation-overview.adoc b/modules/installation-overview.adoc index 5a2f11a37003..a4e088a0129a 100644 --- a/modules/installation-overview.adoc +++ b/modules/installation-overview.adoc @@ -151,7 +151,7 @@ modify many cluster attributes after installation. [IMPORTANT] ==== -In version {product-version}, you can install a {product-title} cluster that +In version {product-version}, you can install an {product-title} cluster that uses installer-provisioned infrastructure on only Amazon Web Services (AWS). ==== diff --git a/modules/installation-vsphere-config-yaml.adoc b/modules/installation-vsphere-config-yaml.adoc index 4c626ff7729b..a6f8d469eac4 100644 --- a/modules/installation-vsphere-config-yaml.adoc +++ b/modules/installation-vsphere-config-yaml.adoc @@ -114,9 +114,7 @@ endif::restricted[] + [NOTE] ==== -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery on, specify an SSH key that your `ssh-agent` process uses. ==== ifdef::restricted[] <14> Provide the contents of the certificate file that you used for your mirror diff --git a/modules/nw-install-config-parameters.adoc b/modules/nw-install-config-parameters.adoc index b15584551f93..2728bc734db4 100644 --- a/modules/nw-install-config-parameters.adoc +++ b/modules/nw-install-config-parameters.adoc @@ -12,7 +12,7 @@ parameters. [NOTE] ==== -You cannot modify these parameters after installation. +You cannot modify these parameters in the `install-config.yaml` file after installation. ==== .Required network parameters diff --git a/modules/olm-restricted-networks-configuring-operatorhub.adoc b/modules/olm-restricted-networks-configuring-operatorhub.adoc index e2a283a3b7a7..49b1e66bdf0e 100644 --- a/modules/olm-restricted-networks-configuring-operatorhub.adoc +++ b/modules/olm-restricted-networks-configuring-operatorhub.adoc @@ -10,7 +10,7 @@ restricted network environments. .Prerequisites -* Cluster administrator access to a {product-title} cluster and its internal registry. +* Cluster administrator access to an {product-title} cluster and its internal registry. * Separate workstation without network restrictions. * If pushing images to the {product-title} cluster's internal registry, the registry must be exposed with a route. * `podman` version 1.5.1+ @@ -27,7 +27,7 @@ $ oc patch OperatorHub cluster --type json \ ---- + This disables the default OperatorSources that are configured by default during -a {product-title} installation. +an {product-title} installation. . **Retrieve package lists.** + diff --git a/modules/rhcos-about.adoc b/modules/rhcos-about.adoc index d667df7fd36d..4d89a4d988da 100644 --- a/modules/rhcos-about.adoc +++ b/modules/rhcos-about.adoc @@ -101,7 +101,7 @@ Machine Config Operator (MCO) that runs in the {product-title} cluster. Because {op-system} systems in {product-title} are designed to be fully managed from the {product-title} cluster, directly logging in to a {op-system} machine is -discouraged. Limited direct access to {op-system} machines in a {product-title} +discouraged. Limited direct access to {op-system} machines in an {product-title} cluster can be completed for debugging purposes. [id="rhcos-about-ignition_{context}"] @@ -232,7 +232,7 @@ the system correctly. [id="ignition-sequence_{context}"] === The Ignition sequence -The Ignition process for an {op-system} machine in a {product-title} cluster +The Ignition process for an {op-system} machine in an {product-title} cluster involves the following steps: * The machine gets its Ignition config file. Master machines get their Ignition diff --git a/modules/ssh-agent-using.adoc b/modules/ssh-agent-using.adoc index 46a375dcafdf..77b9e6cafa92 100644 --- a/modules/ssh-agent-using.adoc +++ b/modules/ssh-agent-using.adoc @@ -17,12 +17,29 @@ // * installing/installing_restricted_networks/installing-restricted-networks-vsphere.adoc // * installing/installing_vsphere/installing-vsphere.adoc +ifeval::["{context}" == "installing-restricted-networks-vsphere"] +:user-infra: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-bare-metal"] +:user-infra: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-aws"] +:user-infra: +endif::[] +ifeval::["{context}" == "installing-bare-metal"] +:user-infra: +endif::[] +ifeval::["{context}" == "installing-vsphere"] +:user-infra: +endif::[] +ifeval::["{context}" == "installing-aws-user-infra"] +:user-infra: +endif::[] + [id="ssh-agent-using_{context}"] = Generating an SSH private key and adding it to the agent -For production {product-title} clusters on which you want to perform installation -debugging or disaster recovery on, you must provide an SSH key that your `ssh-agent` -process uses to the installation program. +If you want to perform installation debugging or disaster recovery on your cluster, you must provide an SSH key to both your `ssh-agent` and to the installation program. You can use this key to SSH into the master nodes as the user `core`. When you deploy the cluster, the key is added to the `core` user's @@ -71,6 +88,7 @@ Identity added: /home/// () .Next steps -When you install {product-title}, provide the SSH public key to the installation program. -If you install a cluster on infrastructure that you provision, you must provide -this key to your cluster's machines. +* When you install {product-title}, provide the SSH public key to the installation program. +ifdef::user-infra[] +If you install a cluster on infrastructure that you provision, you must provide this key to your cluster's machines. +endif::user-infra[] diff --git a/release_notes/ocp-4-2-release-notes.adoc b/release_notes/ocp-4-2-release-notes.adoc index 3aa89172e088..b6e0cd7d2e98 100644 --- a/release_notes/ocp-4-2-release-notes.adoc +++ b/release_notes/ocp-4-2-release-notes.adoc @@ -579,7 +579,7 @@ CatalogSources are installed by default, is `openshift-operator-lifecycle-manager`. Starting with {product-title} {product-version}, this has changed to the `openshift-marketplace` namespace. -If you have installed an Operator from OperatorHub on a {product-title} 4.1 +If you have installed an Operator from OperatorHub on an {product-title} 4.1 cluster, the CatalogSource is in the same namespace as the Subscription. These Subscriptions are not affected by this change and should continue to behave normally after a cluster upgrade. diff --git a/welcome/accessing-your-services.adoc b/welcome/accessing-your-services.adoc index 288e0cd32e36..150bf25b5097 100644 --- a/welcome/accessing-your-services.adoc +++ b/welcome/accessing-your-services.adoc @@ -5,7 +5,7 @@ include::modules/common-attributes.adoc[] toc::[] -Once you have a {product-title} subscription, you can access your services. +Once you have an {product-title} subscription, you can access your services. include::modules/dedicated-accessing-your-cluster.adoc[leveloffset=+1]