From 7901f5acfec8df8e5b36c19366838c5d8b95747b Mon Sep 17 00:00:00 2001 From: Alisha Prabhu Date: Wed, 28 Sep 2022 11:47:19 +1000 Subject: [PATCH] OCP 4.13 - IBM PowerVS using installer-provisioned infrastructure --- _topic_maps/_topic_map.yml | 22 ++ .../creating-ibm-power-vs-workspace.adoc | 15 + ...installing-ibm-cloud-account-power-vs.adoc | 39 ++ ...nstalling-ibm-power-vs-customizations.adoc | 63 ++++ ...stalling-ibm-power-vs-private-cluster.adoc | 71 ++++ .../installing-ibm-powervs-vpc.adoc | 66 ++++ ...ling-restricted-networks-ibm-power-vs.adoc | 77 ++++ .../preparing-to-install-on-ibm-power-vs.adoc | 58 +++ .../uninstalling-cluster-ibm-power-vs.adoc | 11 + .../creating-machineset-ibm-power-vs.adoc | 18 + modules/cco-ccoctl-configuring.adoc | 10 + modules/cli-installing-cli.adoc | 3 + modules/cli-logging-in-kubeadmin.adoc | 3 + modules/cluster-entitlements.adoc | 11 + modules/cluster-telemetry.adoc | 3 + ...ting-ibm-power-vs-workspace-procedure.adoc | 19 + ...installation-about-restricted-network.adoc | 7 + modules/installation-cis-ibm-cloud.adoc | 5 +- ...installation-configuration-parameters.adoc | 167 ++++++++- modules/installation-configure-proxy.adoc | 4 + .../installation-custom-ibm-cloud-vpc.adoc | 1 + modules/installation-custom-ibm-power-vs.adoc | 89 +++++ ...stallation-ibm-cloud-creating-api-key.adoc | 1 + ...stallation-ibm-cloud-export-variables.adoc | 41 +- ...lation-ibm-cloud-iam-policies-api-key.adoc | 81 ++++ modules/installation-ibm-cloud-regions.adoc | 57 +++ ...installation-ibm-power-vs-config-yaml.adoc | 354 ++++++++++++++++++ modules/installation-initializing-manual.adoc | 19 +- modules/installation-initializing.adoc | 35 ++ modules/installation-launching-installer.adoc | 36 ++ ...llation-minimum-resource-requirements.adoc | 15 + modules/installation-obtaining-installer.adoc | 2 + modules/installation-uninstall-clouds.adoc | 42 ++- modules/machineset-yaml-ibm-power-vs.adoc | 73 ++++ modules/manually-create-iam-ibm-cloud.adoc | 44 ++- ...cted-networks-configuring-operatorhub.adoc | 1 + .../private-clusters-about-ibm-power-vs.adoc | 24 ++ modules/private-clusters-default.adoc | 17 +- modules/quotas-and-limits-ibm-power-vs.adoc | 62 +++ modules/refreshing-service-ids-ibm-cloud.adoc | 19 +- modules/ssh-agent-using.adoc | 26 ++ snippets/custom-dns-server.adoc | 1 + welcome/index.adoc | 2 + 43 files changed, 1661 insertions(+), 53 deletions(-) create mode 100644 installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc create mode 100644 installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc create mode 100644 installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc create mode 100644 installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc create mode 100644 installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc create mode 100644 installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc create mode 100644 installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc create mode 100644 installing/installing_ibm_powervs/uninstalling-cluster-ibm-power-vs.adoc create mode 100644 machine_management/creating_machinesets/creating-machineset-ibm-power-vs.adoc create mode 100644 modules/creating-ibm-power-vs-workspace-procedure.adoc create mode 100644 modules/installation-custom-ibm-power-vs.adoc create mode 100644 modules/installation-ibm-power-vs-config-yaml.adoc create mode 100644 modules/machineset-yaml-ibm-power-vs.adoc create mode 100644 modules/private-clusters-about-ibm-power-vs.adoc create mode 100644 modules/quotas-and-limits-ibm-power-vs.adoc diff --git a/_topic_maps/_topic_map.yml b/_topic_maps/_topic_map.yml index e99c8b573f5c..c5db25b1f504 100644 --- a/_topic_maps/_topic_map.yml +++ b/_topic_maps/_topic_map.yml @@ -394,6 +394,26 @@ Topics: File: installing-ibm-power - Name: Restricted network IBM Power installation File: installing-restricted-networks-ibm-power +- Name: Installing on IBM Power Virtual Server + Dir: installing_ibm_powervs + Distros: openshift-enterprise + Topics: + - Name: Preparing to install on IBM Power Virtual Server + File: preparing-to-install-on-ibm-power-vs + - Name: Configuring an IBM Cloud account + File: installing-ibm-cloud-account-power-vs + - Name: Creating an IBM Power Virtual Server workspace + File: creating-ibm-power-vs-workspace + - Name: Installing a cluster on IBM Power Virtual Server with customizations + File: installing-ibm-power-vs-customizations + - Name: Installing a cluster on IBM Power Virtual Server into an existing VPC + File: installing-ibm-powervs-vpc + - Name: Installing a private cluster on IBM Power Virtual Server + File: installing-ibm-power-vs-private-cluster + - Name: Installing a cluster on IBM Power Virtual Server in a restricted network + File: installing-restricted-networks-ibm-power-vs + - Name: Uninstalling a cluster on IBM Power Virtual Server + File: uninstalling-cluster-ibm-power-vs - Name: Installing on OpenStack Dir: installing_openstack Distros: openshift-origin,openshift-enterprise @@ -2124,6 +2144,8 @@ Topics: File: creating-machineset-gcp - Name: Creating a compute machine set on IBM Cloud File: creating-machineset-ibm-cloud + - Name: Creating a compute machine set on IBM Power Virtual Server + File: creating-machineset-ibm-power-vs - Name: Creating a compute machine set on Nutanix File: creating-machineset-nutanix - Name: Creating a compute machine set on OpenStack diff --git a/installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc b/installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc new file mode 100644 index 000000000000..9c21524a0e22 --- /dev/null +++ b/installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc @@ -0,0 +1,15 @@ +:_content-type: ASSEMBLY +[id="creating-ibm-power-vs-workspace"] += Creating an {ibmpowerProductName} Virtual Server workspace +include::_attributes/common-attributes.adoc[] +:context: creating-ibm-power-vs-workspace + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +include::modules/creating-ibm-power-vs-workspace-procedure.adoc[leveloffset=+1] + + +[id="next-steps_creating-ibm-power-vs-workspace"] +== Next steps +* xref:../../installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc#installing-ibm-power-vs-customizations[Installing a cluster on {ibmpowerProductName} Virtual Server with customizations] diff --git a/installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc b/installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc new file mode 100644 index 000000000000..3aaa32c147b6 --- /dev/null +++ b/installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc @@ -0,0 +1,39 @@ +:_content-type: ASSEMBLY +[id="installing-ibm-cloud-account-power-vs"] += Configuring an IBM Cloud account +include::_attributes/common-attributes.adoc[] +:context: installing-ibm-cloud-account-power-vs + +toc::[] + +Before you can install {product-title}, you must configure an IBM Cloud account. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="prerequisites_installing-ibm-cloud-account-power-vs"] +== Prerequisites + +* You have an IBM Cloud account with a subscription. You cannot install {product-title} on a free or on a trial IBM Cloud account. + +include::modules/quotas-and-limits-ibm-power-vs.adoc[leveloffset=+1] + +[id="configuring-dns-resolution-powervs"] +== Configuring DNS resolution + +How you configure DNS resolution depends on the type of {product-title} cluster you are installing: + +* If you are installing a public cluster, you use IBM Cloud Internet Services (CIS). +* If you are installing a private cluster, you use IBM Cloud DNS Services (DNS Services). + +include::modules/installation-cis-ibm-cloud.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-iam-policies-api-key.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-creating-api-key.adoc[leveloffset=+2] + +include::modules/installation-ibm-cloud-regions.adoc[leveloffset=+1] + +[id="next-steps_installing-ibm-cloud-account-power-vs"] +== Next steps +* xref:../../installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc#creating-ibm-power-vs-workspace[Creating an {ibmpowerProductName} Virtual Server workspace] diff --git a/installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc b/installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc new file mode 100644 index 000000000000..e778b0dd7b8c --- /dev/null +++ b/installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc @@ -0,0 +1,63 @@ +:_content-type: ASSEMBLY +[id="installing-ibm-power-vs-customizations"] += Installing a cluster on {ibmpowerProductName} Virtual Server with customizations +include::_attributes/common-attributes.adoc[] +:context: installing-ibm-power-vs-customizations + +toc::[] + +In {product-title} version {product-version}, you can install a customized cluster on infrastructure that the installation program provisions on {ibmpowerProductName} Virtual Server. To customize the installation, you modify parameters in the `install-config.yaml` file before you install the cluster. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="prerequisites_installing-ibm-powervs-customizations"] +== Prerequisites + +* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[configured an IBM Cloud account] to host the cluster. +* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* You configured the `ccoctl` utility before you installed the cluster. For more information, see xref:../../installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc#choosing-an-method-to-install-ocp-on-power-vs-installer-provisioned[Configuring the Cloud Credential Operator utility]. + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-obtaining-installer.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-export-variables.adoc[leveloffset=+1] + +include::modules/installation-initializing.adoc[leveloffset=+1] + +include::modules/installation-configuration-parameters.adoc[leveloffset=+2] + +include::modules/installation-ibm-power-vs-config-yaml.adoc[leveloffset=+2] + +include::modules/installation-configure-proxy.adoc[leveloffset=+2] + +include::modules/manually-create-iam-ibm-cloud.adoc[leveloffset=+1] + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-customizations-console"] +.Additional resources +* xref:../../web_console/web-console.adoc#web-console[Accessing the web console] + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-customizations-telemetry"] +.Additional resources +* xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] + +[id="next-steps_installing-ibm-power-vs-customizations"] +== Next steps +* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster] +* If necessary, you can +xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[opt out of remote health reporting] \ No newline at end of file diff --git a/installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc b/installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc new file mode 100644 index 000000000000..09ee3c129a80 --- /dev/null +++ b/installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc @@ -0,0 +1,71 @@ +:_content-type: ASSEMBLY +[id="installing-ibm-power-vs-private-cluster"] += Installing a private cluster on {ibmpowerProductName} Virtual Server +include::_attributes/common-attributes.adoc[] +:context: installing-ibm-power-vs-private-cluster + +toc::[] + +In {product-title} version {product-version}, you can install a private cluster into an existing VPC and {ibmpowerProductName} Virtual Server Workspace. The installation program provisions the rest of the required infrastructure, which you can further customize. To customize the installation, you modify parameters in the `install-config.yaml` file before you install the cluster. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="prerequisites_installing-ibm-power-vs-private-cluster"] +== Prerequisites + +* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[configured an IBM Cloud account] to host the cluster. +* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* You configured the `ccoctl` utility before you installed the cluster. For more information, see xref:../../installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc#choosing-an-method-to-install-ocp-on-power-vs-installer-provisioned[Configuring the Cloud Credential Operator utility]. + +include::modules/private-clusters-default.adoc[leveloffset=+1] + +include::modules/private-clusters-about-ibm-power-vs.adoc[leveloffset=+1] + +include::modules/installation-custom-ibm-power-vs.adoc[leveloffset=+1] + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-obtaining-installer.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-export-variables.adoc[leveloffset=+1] + +include::modules/installation-initializing-manual.adoc[leveloffset=+1] + +include::modules/installation-configuration-parameters.adoc[leveloffset=+2] + +include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] + +include::modules/installation-ibm-power-vs-config-yaml.adoc[leveloffset=+2] + +include::modules/installation-configure-proxy.adoc[leveloffset=+2] + +include::modules/manually-create-iam-ibm-cloud.adoc[leveloffset=+1] + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-private-console"] +.Additional resources +* xref:../../web_console/web-console.adoc#web-console[Accessing the web console] + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-private-telemetry"] +.Additional resources +* xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] + + +[id="next-steps_installing-ibm-power-vs-private-cluster"] +== Next steps +* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster] +* Optional: xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[Opt out of remote health reporting] diff --git a/installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc b/installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc new file mode 100644 index 000000000000..1eca04bce42a --- /dev/null +++ b/installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc @@ -0,0 +1,66 @@ +:_content-type: ASSEMBLY +[id="installing-ibm-powervs-vpc"] += Installing a cluster on {ibmpowerProductName} Virtual Server into an existing VPC +include::_attributes/common-attributes.adoc[] +:context: installing-ibm-powervs-vpc + +toc::[] + +In {product-title} version {product-version}, you can install a cluster into an existing Virtual Private Cloud (VPC) on IBM Cloud VPC. The installation program provisions the rest of the required infrastructure, which you can then further customize. To customize the installation, you modify parameters in the `install-config.yaml` file before you install the cluster. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="prerequisites_installing-ibm-powervs-vpc"] +== Prerequisites + +* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[configured an IBM Cloud account] to host the cluster. +* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* You configured the `ccoctl` utility before you installed the cluster. For more information, see xref:../../installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc#choosing-an-method-to-install-ocp-on-power-vs-installer-provisioned[Configuring the Cloud Credential Operator utility]. + +include::modules/installation-custom-ibm-power-vs.adoc[leveloffset=+1] + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-obtaining-installer.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-export-variables.adoc[leveloffset=+1] + +include::modules/installation-initializing.adoc[leveloffset=+1] + +include::modules/installation-configuration-parameters.adoc[leveloffset=+2] + +include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] + +include::modules/installation-ibm-power-vs-config-yaml.adoc[leveloffset=+2] + +include::modules/installation-configure-proxy.adoc[leveloffset=+2] + +include::modules/manually-create-iam-ibm-cloud.adoc[leveloffset=+1] + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-powervs-vpc-console"] +.Additional resources +* xref:../../web_console/web-console.adoc#web-console[Accessing the web console] + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-powervs-vpc-telemetry"] +.Additional resources +* xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] + +[id="next-steps_installing-ibm-powervs-vpc"] +== Next steps +* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster] +* Optional: xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[Opt out of remote health reporting] diff --git a/installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc b/installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc new file mode 100644 index 000000000000..a2d33139cbb3 --- /dev/null +++ b/installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc @@ -0,0 +1,77 @@ +:_content-type: ASSEMBLY +[id="installing-restricted-networks-ibm-power-vs"] += Installing a cluster on {ibmpowerProductName} Virtual Server in a restricted network +include::_attributes/common-attributes.adoc[] +:context: installing-restricted-networks-ibm-power-vs + +toc::[] + +In {product-title} {product-version}, you can install a cluster on IBM Cloud VPC in a restricted network by creating an internal mirror of the installation release content on an existing Virtual Private Cloud (VPC) on IBM Cloud VPC. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="prerequisites_installing-ibm-power-vs-restricted"] +== Prerequisites + +* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. +* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. +* You xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[configured an IBM Cloud account] to host the cluster. +* You xref:../../installing/disconnected_install/installing-mirroring-installation-images.adoc#installation-about-mirror-registry_installing-mirroring-installation-images[mirrored the images for a disconnected installation] to your registry and obtained the `imageContentSources` data for your version of {product-title}. ++ +[IMPORTANT] +==== +Because the installation media is on the mirror host, you can use that computer to complete all installation steps. +==== +* You have an existing VPC in IBM Cloud VPC. When installing a cluster in a restricted network, you cannot use the installer-provisioned VPC. You must use a user-provisioned VPC that satisfies one of the following requirements: +** Contains the mirror registry +** Has firewall rules or a peering connection to access the mirror registry hosted elsewhere +* If you use a firewall, you xref:../../installing/install_config/configuring-firewall.adoc#configuring-firewall[configured it to allow the sites] that your cluster requires access to. +* You configured the `ccoctl` utility before you installed the cluster. For more information, see xref:../../installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc#choosing-an-method-to-install-ocp-on-power-vs-installer-provisioned[Configuring the Cloud Credential Operator utility]. + +include::modules/installation-about-restricted-network.adoc[leveloffset=+1] + +include::modules/installation-custom-ibm-power-vs.adoc[leveloffset=+1] + +include::modules/cluster-entitlements.adoc[leveloffset=+1] + +include::modules/ssh-agent-using.adoc[leveloffset=+1] + +include::modules/installation-ibm-cloud-export-variables.adoc[leveloffset=+1] + +include::modules/installation-initializing.adoc[leveloffset=+1] + +include::modules/installation-configuration-parameters.adoc[leveloffset=+2] + +include::modules/installation-minimum-resource-requirements.adoc[leveloffset=+2] + +include::modules/installation-ibm-power-vs-config-yaml.adoc[leveloffset=+2] + +include::modules/installation-configure-proxy.adoc[leveloffset=+2] + +include::modules/manually-create-iam-ibm-cloud.adoc[leveloffset=+1] + +include::modules/installation-launching-installer.adoc[leveloffset=+1] + +include::modules/cli-installing-cli.adoc[leveloffset=+1] + +include::modules/cli-logging-in-kubeadmin.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-restricted-console"] +.Additional resources +* xref:../../web_console/web-console.adoc#web-console[Accessing the web console] + +include::modules/olm-restricted-networks-configuring-operatorhub.adoc[leveloffset=+1] + +include::modules/cluster-telemetry.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_installing-ibm-power-vs-restricted-telemetry"] +.Additional resources +* xref:../../support/remote_health_monitoring/about-remote-health-monitoring.adoc#about-remote-health-monitoring[About remote health monitoring] + +[id="next-steps_installing-ibm-power-vs-restricted"] +== Next steps +* xref:../../post_installation_configuration/cluster-tasks.adoc#available_cluster_customizations[Customize your cluster] +* Optional: xref:../../support/remote_health_monitoring/opting-out-of-remote-health-reporting.adoc#opting-out-remote-health-reporting_opting-out-remote-health-reporting[Opt out of remote health reporting] \ No newline at end of file diff --git a/installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc b/installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc new file mode 100644 index 000000000000..75542226e3ac --- /dev/null +++ b/installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc @@ -0,0 +1,58 @@ +:_content-type: ASSEMBLY +[id="preparing-to-install-on-ibm-power-vs"] += Preparing to install on {ibmpowerProductName} Virtual Server +include::_attributes/common-attributes.adoc[] +:context: preparing-to-install-on-ibm-power-vs + +toc::[] + +The installation workflows documented in this section are for {ibmpowerProductName} Virtual Server infrastructure environments. + +[id="prerequisites_preparing-to-install-on-ibm-power-vs"] +== Prerequisites + +* You reviewed details about the xref:../../architecture/architecture-installation.adoc#architecture-installation[{product-title} installation and update] processes. + +* You read the documentation on xref:../../installing/installing-preparing.adoc#installing-preparing[selecting a cluster installation method and preparing it for users]. + +:FeatureName: {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure +include::snippets/technology-preview.adoc[] + +[id="requirements-for-installing-ocp-on-ibm-power-vs"] +== Requirements for installing {product-title} on {ibmpowerProductName} Virtual Server + +Before installing {product-title} on {ibmpowerProductName} Virtual Server, you must create a service account and configure an IBM Cloud account. See xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[Configuring an IBM Cloud account] for details about creating an account, configuring DNS and supported {ibmpowerProductName} Virtual Server regions. + +You must manually manage your cloud credentials when installing a cluster to {ibmpowerProductName} Virtual Server. Do this by configuring the Cloud Credential Operator (CCO) for manual mode before you install the cluster. + +[id="choosing-a-method-to-install-ocp-on-ibm-power-vs"] +== Choosing a method to install {product-title} on {ibmpowerProductName} Virtual Server + +You can install {product-title} on {ibmpowerProductName} Virtual Server using installer-provisioned infrastructure. This process involves using an installation program to provision the underlying infrastructure for your cluster. Installing {product-title} on {ibmpowerProductName} Virtual Server using user-provisioned infrastructure is not supported at this time. + +See xref:../../architecture/architecture-installation.adoc#installation-process_architecture-installation[Installation process] for more information about installer-provisioned installation processes. + +[id="choosing-an-method-to-install-ocp-on-power-vs-installer-provisioned"] +=== Installing a cluster on installer-provisioned infrastructure + +You can install a cluster on {ibmpowerProductName} Virtual Server infrastructure that is provisioned by the {product-title} installation program by using one of the following methods: + +* **xref:../../installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc#installing-ibm-power-vs-customizations[Installing a customized cluster on {ibmpowerProductName} Virtual Server]**: You can install a customized cluster on {ibmpowerProductName} Virtual Server infrastructure that the installation program provisions. The installation program allows for some customization to be applied at the installation stage. Many other customization options are available xref:../../post_installation_configuration/cluster-tasks.adoc#post-install-cluster-tasks[post-installation]. + +* **xref:../../installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc#installing-ibm-powervs-vpc[Installing a cluster on {ibmpowerProductName} Virtual Server into an existing VPC]**: You can install {product-title} on {ibmpowerProductName} Virtual Server into an existing Virtual Private Cloud (VPC). You can use this installation method if you have constraints set by the guidelines of your company, such as limits when creating new accounts or infrastructure. + +* **xref:../../installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc#installing-ibm-power-vs-private-cluster[Installing a private cluster on {ibmpowerProductName} Virtual Server]**: You can install a private cluster on {ibmpowerProductName} Virtual Server. You can use this method to deploy {product-title} on an internal network that is not visible to the internet. + +* **xref:../../installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc#installing-restricted-networks-ibm-power-vs[Installing a cluster on {ibmpowerProductName} Virtual Server in a restricted network]**: You can install {product-title} on {ibmpowerProductName} Virtual Server on installer-provisioned infrastructure by using an internal mirror of the installation release content. You can use this method to install a cluster that does not require an active internet connection to obtain the software components. + +include::modules/cco-ccoctl-configuring.adoc[leveloffset=+1] + +[role="_additional-resources"] +[id="additional-resources_configuring-ibm-cloud-refreshing-ids"] + +.Additional resources +* xref:../../post_installation_configuration/cluster-tasks.adoc#refreshing-service-ids-ibm-cloud_post-install-cluster-tasks[Rotating API keys] + +[id="next-steps_preparing-to-install-on-ibm-power-vs"] +== Next steps +* xref:../../installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc#installing-ibm-cloud-account-power-vs[Configuring an IBM Cloud account] \ No newline at end of file diff --git a/installing/installing_ibm_powervs/uninstalling-cluster-ibm-power-vs.adoc b/installing/installing_ibm_powervs/uninstalling-cluster-ibm-power-vs.adoc new file mode 100644 index 000000000000..ffcbdb93a46a --- /dev/null +++ b/installing/installing_ibm_powervs/uninstalling-cluster-ibm-power-vs.adoc @@ -0,0 +1,11 @@ +:_content-type: ASSEMBLY +[id="uninstalling-cluster-ibm-power-vs"] += Uninstalling a cluster on {ibmpowerProductName} Virtual Server +include::_attributes/common-attributes.adoc[] +:context: uninstalling-cluster-ibm-power-vs + +toc::[] + +You can remove a cluster that you deployed to {ibmpowerProductName} Virtual Server. + +include::modules/installation-uninstall-clouds.adoc[leveloffset=+1] \ No newline at end of file diff --git a/machine_management/creating_machinesets/creating-machineset-ibm-power-vs.adoc b/machine_management/creating_machinesets/creating-machineset-ibm-power-vs.adoc new file mode 100644 index 000000000000..0ee790376372 --- /dev/null +++ b/machine_management/creating_machinesets/creating-machineset-ibm-power-vs.adoc @@ -0,0 +1,18 @@ +:_content-type: ASSEMBLY +[id="creating-machineset-ibm-power-vs"] += Creating a compute machine set on {ibmpowerProductName} Virtual Server +include::_attributes/common-attributes.adoc[] +:context: creating-machineset-ibm-power-vs + +toc::[] + +You can create a different compute machine set to serve a specific purpose in your {product-title} cluster on {ibmpowerProductName} Virtual Server. For example, you might create infrastructure machine sets and related machines so that you can move supporting workloads to the new machines. + +//[IMPORTANT] admonition for UPI +include::modules/machine-user-provisioned-limitations.adoc[leveloffset=+1] + +//Sample YAML for a machine set custom resource on IBM Cloud +include::modules/machineset-yaml-ibm-power-vs.adoc[leveloffset=+1] + +//Creating a machine set +include::modules/machineset-creating.adoc[leveloffset=+1] diff --git a/modules/cco-ccoctl-configuring.adoc b/modules/cco-ccoctl-configuring.adoc index 69c4405ab844..6326a790e717 100644 --- a/modules/cco-ccoctl-configuring.adoc +++ b/modules/cco-ccoctl-configuring.adoc @@ -3,6 +3,7 @@ // * authentication/managing_cloud_provider_credentials/cco-mode-sts.adoc // * authentication/managing_cloud_provider_credentials/cco-mode-gcp-workload-identity.adoc // * installing/installing_ibm_cloud_public/configuring-iam-ibm-cloud.adoc +// * installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.doc // * installing/installing_alibaba/manually-creating-alibaba-ram.adoc // * installing/installing_nutanix/preparing-to-install-on-nutanix.adoc // * updating/preparing-manual-creds-update.adoc @@ -25,6 +26,9 @@ endif::[] ifeval::["{context}" == "preparing-manual-creds-update"] :update: endif::[] +ifeval::["{context}" == "preparing-to-install-on-ibm-power-vs"] +:ibm-power-vs: +endif::[] :_content-type: PROCEDURE [id="cco-ccoctl-configuring_{context}"] @@ -40,6 +44,9 @@ endif::alibabacloud[] ifdef::nutanix[] The Cloud Credential Operator (CCO) manages cloud provider credentials as Kubernetes custom resource definitions (CRDs). To install a cluster on Nutanix, you must set the CCO to `manual` mode as part of the installation process. endif::nutanix[] +ifdef::ibm-power-vs[] +The Cloud Credential Operator (CCO) manages cloud provider credentials as Kubernetes custom resource definitions (CRDs). To install a cluster on {ibmpowerProductName} Virtual Server, you must set the CCO to `manual` mode as part of the installation process. +endif::ibm-power-vs[] //Alibaba Cloud uses ccoctl, but creates different kinds of resources than other clouds, so this applies to everyone else. The upgrade procs also have a different intro, so they are excluded here. ifndef::alibabacloud,update[] @@ -192,3 +199,6 @@ endif::[] ifeval::["{context}" == "preparing-manual-creds-update"] :!update: endif::[] +ifeval::["{context}" == "preparing-to-install-on-ibm-power-vs"] +:!ibm-power-vs: +endif::[] diff --git a/modules/cli-installing-cli.adoc b/modules/cli-installing-cli.adoc index eb23acb53a97..a720179e9664 100644 --- a/modules/cli-installing-cli.adoc +++ b/modules/cli-installing-cli.adoc @@ -53,6 +53,9 @@ // * updating/updating-restricted-network-cluster.adoc // * installing/installing-nutanix-installer-provisioned.adoc // * installing/installing-restricted-networks-nutanix-installer-provisioned.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // AMQ docs link to this; do not change anchor ifeval::["{context}" == "mirroring-ocp-image-repository"] diff --git a/modules/cli-logging-in-kubeadmin.adoc b/modules/cli-logging-in-kubeadmin.adoc index e6ca8fac8d5c..c798515a34fd 100644 --- a/modules/cli-logging-in-kubeadmin.adoc +++ b/modules/cli-logging-in-kubeadmin.adoc @@ -34,6 +34,9 @@ // * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_openstack/installing-openstack-installer-custom.adoc // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc // * installing/installing_openstack/installing-openstack-installer.adoc diff --git a/modules/cluster-entitlements.adoc b/modules/cluster-entitlements.adoc index 55a9fb762a37..a4071b82ed05 100644 --- a/modules/cluster-entitlements.adoc +++ b/modules/cluster-entitlements.adoc @@ -73,6 +73,9 @@ // * installing/installing_vmc/installing-vmc.adoc // * installing/installing_ibm_power/installing-ibm-power.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc // * architecture/architecture.adoc // * installing/installing_nutanix/installing-nutanix-installer-provisioned.adoc @@ -116,6 +119,9 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :restricted: endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:restricted: +endif::[] ifeval::["{context}" == "installing-restricted-networks-gcp"] :restricted: endif::[] @@ -141,10 +147,12 @@ You must have internet access to: * Obtain the packages that are required to perform cluster updates. ifdef::openshift-enterprise,openshift-webscale[] +ifndef::restricted[] [IMPORTANT] ==== If your cluster cannot have direct internet access, you can perform a restricted network installation on some types of infrastructure that you provision. During that process, you download the required content and use it to populate a mirror registry with the installation packages. With some installation types, the environment that you install your cluster in will not require internet access. Before you update the cluster, you update the content of the mirror registry. ==== +endif::restricted[] endif::openshift-enterprise,openshift-webscale[] endif::openshift-origin[] @@ -188,6 +196,9 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :!restricted: endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!restricted: +endif::[] ifeval::["{context}" == "installing-restricted-networks-gcp"] :!restricted: endif::[] diff --git a/modules/cluster-telemetry.adoc b/modules/cluster-telemetry.adoc index 1bc9a0263441..352a0a79c74d 100644 --- a/modules/cluster-telemetry.adoc +++ b/modules/cluster-telemetry.adoc @@ -72,6 +72,9 @@ // * installing/installing_vmc/installing-vmc.adoc // * installing/installing_ibm_power/installing-ibm-power.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing-nutanix-installer-provisioned.adoc // * installing/installing-restricted-networks-nutanix-installer-provisioned.adoc diff --git a/modules/creating-ibm-power-vs-workspace-procedure.adoc b/modules/creating-ibm-power-vs-workspace-procedure.adoc new file mode 100644 index 000000000000..ef98301347dc --- /dev/null +++ b/modules/creating-ibm-power-vs-workspace-procedure.adoc @@ -0,0 +1,19 @@ +// * installing/installing_ibm_powervs/creating-ibm-power-vs-workspace.adoc + +:_content-type: PROCEDURE +[id="creating-ibm-power-vs-workspace-procedure_{context}"] += Creating an {ibmpowerProductName} Virtual Server workspace + +Use the following procedure to create an {ibmpowerProductName} Virtual Server workspace. + +.Procedure + +. To create an {ibmpowerProductName} Virtual Server workspace, complete step 1 to step 5 from the IBM Cloud documentation for link:https://cloud.ibm.com/docs/power-iaas?topic=power-iaas-creating-power-virtual-server[Creating an IBM Power Virtual Server]. + +. After it has finished provisioning, retrieve the 32-character alphanumeric ID of your new workspace by entering the following command: ++ +[source,terminal] +---- +$ ibmcloud resource service-instances | grep +---- ++ diff --git a/modules/installation-about-restricted-network.adoc b/modules/installation-about-restricted-network.adoc index 20751162c52a..8bee76e27da6 100644 --- a/modules/installation-about-restricted-network.adoc +++ b/modules/installation-about-restricted-network.adoc @@ -11,6 +11,7 @@ // * installing/installing_openstack/installing-openstack-installer-restricted.adoc // * installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc // * installing/installing-rhv-restricted-network.adoc // * installing/installing-restricted-networks-nutanix-installer-provisioned.adoc @@ -20,6 +21,9 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :ibm-power: endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ipi: +endif::[] ifeval::["{context}" == "installing-restricted-networks-gcp-installer-provisioned"] :ipi: endif::[] @@ -89,6 +93,9 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :!ibm-power: endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ipi: +endif::[] ifeval::["{context}" == "installing-restricted-networks-gcp-installer-provisioned"] :!ipi: endif::[] diff --git a/modules/installation-cis-ibm-cloud.adoc b/modules/installation-cis-ibm-cloud.adoc index 2263175c6afb..b4ee1501fe71 100644 --- a/modules/installation-cis-ibm-cloud.adoc +++ b/modules/installation-cis-ibm-cloud.adoc @@ -1,6 +1,7 @@ // Module included in the following assemblies: // // installing/installing_ibm_cloud_public/installing-ibm-cloud-account.adoc +// installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc :_content-type: PROCEDURE [id="installation-cis-ibm-cloud_{context}"] @@ -10,7 +11,7 @@ The installation program uses IBM Cloud Internet Services (CIS) to configure clu [NOTE] ==== -IBM Cloud VPC does not support IPv6, so dual stack or IPv6 environments are not possible. +This offering does not support IPv6, so dual stack or IPv6 environments are not possible. ==== You must create a domain zone in CIS in the same account as your cluster. You must also ensure the zone is authoritative for the domain. You can do this using a root domain or subdomain. @@ -64,4 +65,4 @@ A root domain uses the form `openshiftcorp.com`. A subdomain uses the form `clus . Open the link:https://cloud.ibm.com/catalog/services/internet-services[CIS web console], navigate to the *Overview* page, and note your CIS name servers. These name servers will be used in the next step. -. Configure the name servers for your domains or subdomains at the domain's registrar or DNS provider. For more information, see IBM Cloud's link:https://cloud.ibm.com/docs/cis?topic=cis-getting-started#configure-your-name-servers-with-the-registrar-or-existing-dns-provider[documentation]. +. Configure the name servers for your domains or subdomains at the domain's registrar or DNS provider. For more information, see the IBM Cloud link:https://cloud.ibm.com/docs/cis?topic=cis-getting-started#configure-your-name-servers-with-the-registrar-or-existing-dns-provider[documentation]. \ No newline at end of file diff --git a/modules/installation-configuration-parameters.adoc b/modules/installation-configuration-parameters.adoc index 088336fc6c39..4b857e697a88 100644 --- a/modules/installation-configuration-parameters.adoc +++ b/modules/installation-configuration-parameters.adoc @@ -33,6 +33,10 @@ // * installing/installing_ibm_cloud_public/intalling-ibm-cloud-private.adoc // * installing/installing_ibm_power/installing-ibm-power.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_ibm_z/installing-ibm-z-kvm.adoc // * installing/installing_ibm_z/installing-ibm-z.adoc // * installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc @@ -227,6 +231,18 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :ibm-power: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:ibm-power-vs: +endif::[] ifeval::["{context}" == "installing-azure-stack-hub-default"] :ash: endif::[] @@ -250,9 +266,9 @@ Before you deploy an {product-title} cluster, you provide parameter values to de endif::bare,ibm-power,ibm-z,ash[] // If the user manually creates install-config.yaml -ifdef::bare,ibm-power,ibm-z,ash[] +ifdef::bare,ibm-power,ibm-power-vs,ibm-z,ash[] Before you deploy an {product-title} cluster, you provide a customized `install-config.yaml` installation configuration file that describes the details for your environment. -endif::bare,ibm-power,ibm-z,ash[] +endif::bare,ibm-power,ibm-power-vs,ibm-z,ash[] [NOTE] ==== @@ -295,7 +311,7 @@ The string must be 14 characters or fewer long. endif::osp[] |`platform` -|The configuration for the specific platform upon which to perform the installation: `alibabacloud`, `aws`, `baremetal`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `vsphere`, or `{}`. For additional information about `platform.` parameters, consult the table for your specific platform that follows. +|The configuration for the specific platform upon which to perform the installation: `alibabacloud`, `aws`, `baremetal`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `powervs`, `vsphere`, or `{}`. For additional information about `platform.` parameters, consult the table for your specific platform that follows. |Object ifndef::openshift-origin[] @@ -408,7 +424,12 @@ ifdef::openshift-origin[] Either `OpenShiftSDN` or `OVNKubernetes`. The default value is `OVNKubernetes`. endif::openshift-origin[] ifndef::openshift-origin[] +ifndef::ibm-power-vs[] Either `OpenShiftSDN` or `OVNKubernetes`. `OpenShiftSDN` is a CNI plugin for all-Linux networks. `OVNKubernetes` is a CNI plugin for Linux networks and hybrid networks that contain both Linux and Windows servers. The default value is `OVNKubernetes`. +endif::ibm-power-vs[] +ifdef::ibm-power-vs[] +The default value is `OVNKubernetes`. +endif::ibm-power-vs[] endif::openshift-origin[] |`networking.clusterNetwork` @@ -502,7 +523,9 @@ endif::bare[] | The IP address blocks for machines. +ifndef::ibm-power-vs[] If you specify multiple IP address blocks, the blocks must not overlap. +endif::ibm-power-vs[] ifdef::ibm-z,ibm-power[] If you specify multiple IP kernel arguments, the `machineNetwork.cidr` value must be the CIDR of the primary network. @@ -518,19 +541,22 @@ networking: |`networking.machineNetwork.cidr` | -Required if you use `networking.machineNetwork`. An IP address block. The default value is `10.0.0.0/16` for all platforms other than libvirt. For libvirt, the default value is `192.168.126.0/24`. +Required if you use `networking.machineNetwork`. An IP address block. The default value is `10.0.0.0/16` for all platforms other than libvirt and {ibmpowerProductName} Virtual Server. For libvirt, the default value is `192.168.126.0/24`. For {ibmpowerProductName} Virtual Server, the default value is `192.168.0.0/24`. ifdef::ibm-cloud-vpc[] The CIDR must contain the subnets defined in `platform.ibmcloud.controlPlaneSubnets` and `platform.ibmcloud.computeSubnets`. endif::ibm-cloud-vpc[] | An IP network block in CIDR notation. -ifndef::bare[] +ifndef::bare,ibm-power-vs[] For example, `10.0.0.0/16`. -endif::bare[] +endif::bare,ibm-power-vs[] ifdef::bare[] For example, `10.0.0.0/16` or `fd00::/48`. endif::bare[] +ifdef::ibm-power-vs[] +For example, `192.168.0.0/24`. +endif::ibm-power-vs[] [NOTE] ==== @@ -574,11 +600,11 @@ endif::rhv[] ifndef::openshift-origin[] -ifndef::aws,bare,ibm-power,ibm-z,azure[] +ifndef::aws,bare,ibm-power,ibm-z,azure,ibm-power-vs[] |`compute.architecture` |Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are `amd64` (the default). |String -endif::aws,bare,ibm-power,ibm-z,azure[] +endif::aws,bare,ibm-power,ibm-z,azure,ibm-power-vs[] ifdef::aws,bare,azure[] |`compute.architecture` @@ -592,11 +618,11 @@ ifdef::ibm-z[] |String endif::ibm-z[] -ifdef::ibm-power[] +ifdef::ibm-power,ibm-power-vs[] |`compute.architecture` |Determines the instruction set architecture of the machines in the pool. Currently, heteregeneous clusters are not supported, so all pools must specify the same architecture. Valid values are `ppc64le` (the default). |String -endif::ibm-power[] +endif::ibm-power,ibm-power-vs[] endif::openshift-origin[] ifdef::openshift-origin[] @@ -623,7 +649,7 @@ accounts for the dramatically decreased machine performance. |`compute.platform` |Required if you use `compute`. Use this parameter to specify the cloud provider to host the worker machines. This parameter value must match the `controlPlane.platform` parameter value. -|`alibabacloud`, `aws`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `vsphere`, or `{}` +|`alibabacloud`, `aws`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `powervs`, `vsphere`, or `{}` |`compute.replicas` |The number of compute machines, which are also known as worker machines, to provision. @@ -641,11 +667,11 @@ For details, see the "Additional RHV parameters for machine pools" table. endif::rhv[] ifndef::openshift-origin[] -ifndef::aws,bare,ibm-z,ibm-power,azure[] +ifndef::aws,bare,ibm-z,ibm-power,azure,ibm-power-vs[] |`controlPlane.architecture` |Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are `amd64` (the default). |String -endif::aws,bare,ibm-z,ibm-power,azure[] +endif::aws,bare,ibm-z,ibm-power,azure,ibm-power-vs[] ifdef::aws,bare,azure[] |`controlPlane.architecture` @@ -659,11 +685,11 @@ ifdef::ibm-z[] |String endif::ibm-z[] -ifdef::ibm-power[] +ifdef::ibm-power,ibm-power-vs[] |`controlPlane.architecture` |Determines the instruction set architecture of the machines in the pool. Currently, heterogeneous clusters are not supported, so all pools must specify the same architecture. Valid values are `ppc64le` (the default). |String -endif::ibm-power[] +endif::ibm-power,ibm-power-vs[] endif::openshift-origin[] ifdef::openshift-origin[] @@ -690,7 +716,7 @@ accounts for the dramatically decreased machine performance. |`controlPlane.platform` |Required if you use `controlPlane`. Use this parameter to specify the cloud provider that hosts the control plane machines. This parameter value must match the `compute.platform` parameter value. -|`alibabacloud`, `aws`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `vsphere`, or `{}` +|`alibabacloud`, `aws`, `azure`, `gcp`, `ibmcloud`, `nutanix`, `openstack`, `ovirt`, `powervs`, `vsphere`, or `{}` |`controlPlane.replicas` |The number of control plane machines to provision. @@ -708,7 +734,7 @@ Not all CCO modes are supported for all cloud providers. For more information ab If your AWS account has service control policies (SCP) enabled, you must configure the `credentialsMode` parameter to `Mint`, `Passthrough` or `Manual`. ==== |`Mint`, `Passthrough`, `Manual` or an empty string (`""`). -ifndef::openshift-origin[] +ifndef::openshift-origin,ibm-power-vs[] |`fips` |Enable or disable FIPS mode. The default is `false` (disabled). If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead. [IMPORTANT] @@ -720,7 +746,7 @@ The use of FIPS Validated / Modules in Process cryptographic libraries is only s If you are using Azure File storage, you cannot enable FIPS mode. ==== |`false` or `true` -endif::openshift-origin[] +endif::openshift-origin,ibm-power-vs[] |`imageContentSources` |Sources and repositories for the release-image content. |Array of objects. Includes a `source` and, optionally, `mirrors`, as described in the following rows of this table. @@ -751,12 +777,14 @@ ifndef::aws,aws-govcloud,aws-secret,azure,gcp,ibm-cloud[] `Internal` or `External`. The default value is `External`. Setting this field to `Internal` is not supported on non-cloud platforms. +ifndef::ibm-power-vs[] ifeval::[{product-version} <= 4.7] [IMPORTANT] ==== If the value of the field is set to `Internal`, the cluster will become non-functional. For more information, refer to link:https://bugzilla.redhat.com/show_bug.cgi?id=1953035[BZ#1953035]. ==== endif::[] +endif::ibm-power-vs[] endif::[] |`sshKey` @@ -1549,6 +1577,97 @@ In either case, this resource group must only be used for a single cluster insta -- endif::ibm-cloud[] +ifdef::ibm-power-vs[] +[id="installation-configuration-parameters-additional-ibm-cloud_{context}"] +== Additional {ibmpowerProductName} Virtual Server configuration parameters + +Additional {ibmpowerProductName} Virtual Server configuration parameters are described in the following table: + +.Additional {ibmpowerProductName} Virtual Server parameters +[cols=".^1,.^6a,.^3a",options="header"] +|==== +|Parameter|Description|Values + +|`platform.powervs.userID` +|The UserID is the login for the user's IBM Cloud account. +|String. For example `existing_user_id`. + +|`platform.powervs.powervsResourceGroup` +|The PowerVSResourceGroup is the resource group in which {ibmpowerProductName} Virtual Server resources are created. If using an existing VPC, the existing VPC and subnets should be in this resource group. +|String. For example `existing_resource_group`. + +|`platform.powervs.region` +|Specifies the IBM Cloud colo region where the cluster will be created. +|String. For example `existing_region`. + +|`platform.powervs.zone` +|Specifies the IBM Cloud colo region where the cluster will be created. +|String. For example `existing_zone`. + +|`platform.powervs.serviceInstanceID` +|The ServiceInstanceID is the ID of the Power IAAS instance created from the IBM Cloud Catalog. +|String. For example `existing_service_instance_ID`. + +|`platform.powervs.vpcRegion` +|Specifies the IBM Cloud region in which to create VPC resources. +|String. For example `existing_vpc_region`. + +|`platform.powervs.vpcSubnets` +|Specifies existing subnets (by name) where cluster resources will be created. +|String. For example `powervs_region_example_subnet`. + +|`platform.powervs.vpcName` +|Specifies the IBM Cloud VPC name. +|String. For example `existing_vpcName`. + +|`platform.powervs.cloudConnectionName` +|The CloudConnctionName is the name of an existing PowerVS Cloud connection. +|String. For example `existing_cloudConnectionName`. + +|`platform.powervs.clusterOSImage` +|The ClusterOSImage is a pre-created {ibmpowerProductName} Virtual Server boot image that overrides the default image for cluster nodes. +|String. For example `existing_cluster_os_image`. + +|`platform.powervs.defaultMachinePlatform` +|The DefaultMachinePlatform is the default configuration used when installing on {ibmpowerProductName} Virtual Server for machine pools that do not define their own platform configuration. +|String. For example `existing_machine_platform`. + +//|`platform.ibmcloud.dedicatedHosts.profile` +//|The new dedicated host to create. If you specify a value for `platform.ibmcloud.dedicatedHosts.name`, this parameter is not required. +//|Valid IBM Cloud VPC dedicated host profile, such as `cx2-host-152x304`. [^2^] + +//|`platform.ibmcloud.dedicatedHosts.name` +//|An existing dedicated host. If you specify a value for `platform.ibmcloud.dedicatedHosts.profile`, this parameter is not required. +//|String, for example `my-dedicated-host-name`. + +//|`platform.ibmcloud.type` +//|The instance type for all IBM Cloud VPC machines. +//|Valid IBM Cloud VPC instance type, such as `bx2-8x32`. [^2^] + +|`platform.powervs.memoryGiB` +|The size of a virtual machine's memory, in GB. +|The valid integer must be an integer number of GB that is at least 2 and no more than 64, depending on the machine type. + +|`platform.powervs.procType` +|The ProcType defines the processor sharing model for the instance. +|The valid values are Capped, Dedicated and Shared. + +|`platform.powervs.processors` +|The Processors defines the processing units for the instance. +|The number of processors must be from .5 to 32 cores. The processors must be in increments of .25. + +|`platform.powervs.sysType` +|The SysType defines the system type for the instance. +|The system type must be one of {e980,s922}. + +|==== +[.small] +-- +1. Whether you define an existing resource group, or if the installer creates one, determines how the resource group is treated when the cluster is uninstalled. If you define a resource group, the installer removes all of the installer-provisioned resources, but leaves the resource group alone; if a resource group is created as part of the installation, the installer removes all of the installer provisioned resources and the resource group. +2. To determine which profile best meets your needs, see https://cloud.ibm.com/docs/vpc?topic=vpc-profiles&interface=ui[Instance Profiles] in the IBM documentation. +-- +endif::ibm-power-vs[] + ifdef::rhv[] [id="installation-configuration-parameters-additional-rhv_{context}"] == Additional {rh-virtualization-first} configuration parameters @@ -2350,6 +2469,18 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :!ibm-power: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!ibm-power-vs: +endif::[] ifeval::["{context}" == "installing-azure-stack-hub-default"] :!ash: endif::[] diff --git a/modules/installation-configure-proxy.adoc b/modules/installation-configure-proxy.adoc index 1ef40e38b542..4464e73418f2 100644 --- a/modules/installation-configure-proxy.adoc +++ b/modules/installation-configure-proxy.adoc @@ -54,6 +54,10 @@ // * installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc // * installing/installing_ibm_power/installing-ibm-power.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_platform_agnostic/installing-platform-agnostic.adoc // * networking/configuring-a-custom-pki.adoc // * installing/installing-rhv-restricted-network.adoc diff --git a/modules/installation-custom-ibm-cloud-vpc.adoc b/modules/installation-custom-ibm-cloud-vpc.adoc index 8d0d0769f21a..3c60e3bebb25 100644 --- a/modules/installation-custom-ibm-cloud-vpc.adoc +++ b/modules/installation-custom-ibm-cloud-vpc.adoc @@ -1,6 +1,7 @@ // Module included in the following assemblies: // // * installing/installing_gcp/installing-ibm-cloud-vpc.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc :_content-type: CONCEPT [id="installation-custom-ibm-cloud-vpc_{context}"] diff --git a/modules/installation-custom-ibm-power-vs.adoc b/modules/installation-custom-ibm-power-vs.adoc new file mode 100644 index 000000000000..d4a249fdebe9 --- /dev/null +++ b/modules/installation-custom-ibm-power-vs.adoc @@ -0,0 +1,89 @@ +// Module included in the following assemblies: +// +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc + +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:private: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:restricted: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:ibm-powervs-vpc: +endif::[] + +:_content-type: CONCEPT +ifndef::private[] +[id="installation-custom-ibm-powervs-vpc_{context}"] += About using a custom VPC + +ifdef::ibm-powervs-vpc[] +In {product-title} {product-version}, you can deploy a cluster using an existing IBM Virtual Private Cloud (VPC). + +Because the installation program cannot know what other components are in your existing subnets, it cannot choose subnet CIDRs and so forth. You must configure networking for the subnets to which you will install the cluster. +endif::ibm-powervs-vpc[] +ifdef::restricted[] +In {product-title} {product-version}, you can deploy a cluster into the subnets of an existing IBM Virtual Private Cloud (VPC). +endif::restricted[] +endif::private[] + +[id="installation-custom-ibm-power-vs-requirements_{context}"] +ifdef::private[] += Requirements for using your VPC +endif::private[] +ifdef::ibm-powervs-vpc,restricted[] +== Requirements for using your VPC +endif::ibm-powervs-vpc,restricted[] + +You must correctly configure the existing VPC and its subnets before you install the cluster. The installation program does not create a VPC or VPC subnet in this scenario. + +The installation program cannot: + +* Subdivide network ranges for the cluster to use +* Set route tables for the subnets +* Set VPC options like DHCP + +include::snippets/custom-dns-server.adoc[] + +[id="installation-custom-ibm-power-vs-validation_{context}"] +== VPC validation + +The VPC and all of the subnets must be in an existing resource group. The cluster is deployed to this resource group. + +As part of the installation, specify the following in the `install-config.yaml` file: + +* The name of the resource group +* The name of VPC +* The name of the VPC subnet + +To ensure that the subnets that you provide are suitable, the installation program confirms that all of the subnets you specify exists. + +[NOTE] +==== +Subnet IDs are not supported. +==== + +[id="installation-custom-ibm-power-vs-isolation_{context}"] +== Isolation between clusters + +If you deploy {product-title} to an existing network, the isolation of cluster services is reduced in the following ways: + +* ICMP Ingress is allowed to the entire network. + +* TCP port 22 Ingress (SSH) is allowed to the entire network. + +* Control plane TCP 6443 Ingress (Kubernetes API) is allowed to the entire network. + +* Control plane TCP 22623 Ingress (MCS) is allowed to the entire network. + +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!private: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!restricted: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!ibm-powervs-vpc: +endif::[] \ No newline at end of file diff --git a/modules/installation-ibm-cloud-creating-api-key.adoc b/modules/installation-ibm-cloud-creating-api-key.adoc index 8de3f4e45ae4..f77f544984fc 100644 --- a/modules/installation-ibm-cloud-creating-api-key.adoc +++ b/modules/installation-ibm-cloud-creating-api-key.adoc @@ -1,6 +1,7 @@ // Module included in the following assemblies: // // installing/installing_ibm_cloud_public/installing-ibm-cloud-account.adoc +// installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc :_content-type: PROCEDURE [id="installation-ibm-cloud-creating-api-key_{context}"] diff --git a/modules/installation-ibm-cloud-export-variables.adoc b/modules/installation-ibm-cloud-export-variables.adoc index 005c8732e022..f93c390548f8 100644 --- a/modules/installation-ibm-cloud-export-variables.adoc +++ b/modules/installation-ibm-cloud-export-variables.adoc @@ -4,6 +4,10 @@ // * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc ifeval::["{context}" == "installing-ibm-cloud-customizations"] :ibm-vpc: @@ -17,12 +21,24 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :ibm-vpc: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:ibm-power-vs: +endif::[] :_content-type: PROCEDURE [id="installation-ibm-cloud-export-variables_{context}"] -= Exporting the IBM Cloud VPC API key += Exporting the API key -You must set the IBM Cloud VPC API key you created as a global variable; the installation program ingests the variable during startup to set the API key. +You must set the API key you created as a global variable; the installation program ingests the variable during startup to set the API key. .Prerequisites @@ -30,7 +46,7 @@ You must set the IBM Cloud VPC API key you created as a global variable; the ins .Procedure -* Export your IBM Cloud VPC API key as a global variable: +* Export your API key for your account as a global variable: ifdef::ibm-vpc[] + [source,terminal] @@ -38,6 +54,13 @@ ifdef::ibm-vpc[] $ export IC_API_KEY= ---- endif::ibm-vpc[] +ifdef::ibm-power-vs[] ++ +[source,terminal] +---- +$ export IBMCLOUD_API_KEY= +---- +endif::ibm-power-vs[] [IMPORTANT] ==== @@ -56,3 +79,15 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :!ibm-vpc: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!ibm-power-vs: +endif::[] diff --git a/modules/installation-ibm-cloud-iam-policies-api-key.adoc b/modules/installation-ibm-cloud-iam-policies-api-key.adoc index ebf9509405c8..5c2222e02e5f 100644 --- a/modules/installation-ibm-cloud-iam-policies-api-key.adoc +++ b/modules/installation-ibm-cloud-iam-policies-api-key.adoc @@ -1,6 +1,14 @@ // Module included in the following assemblies: // // installing/installing_ibm_cloud_public/installing-ibm-cloud-account.adoc +// installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc + +ifeval::["{context}" == "installing-ibm-cloud-account"] +:ibm-vpc: +endif::[] +ifeval::["{context}" == "installing-ibm-cloud-account-power-vs"] +:ibm-power-vs: +endif::[] :_content-type: CONCEPT [id="installation-ibm-cloud-iam-policies-api-key_{context}"] @@ -10,6 +18,7 @@ To install {product-title} into your IBM Cloud account, the installation program For an IBM Cloud IAM overview, see the IBM Cloud link:https://cloud.ibm.com/docs/account?topic=account-iamoverview[documentation]. +ifdef::ibm-vpc[] [id="required-access-policies-ibm-cloud_{context}"] == Required access policies @@ -64,14 +73,86 @@ You must assign the required access policies to your IBM Cloud account. 3. Only one service is required. The service that is required depends on the type of cluster that you are installing. If you are installing a public cluster, `Internet Services` is required. If you are installing a private cluster, `DNS Services` is required. -- //TODO: IBM confirmed current values in the table above. They hope to provide more guidance on possibly scoping down the permissions (related to resource group actions). +endif::ibm-vpc[] + +ifdef::ibm-power-vs[] +[id="pre-requisite-permissions-ibm-cloud_{context}"] +== Pre-requisite permissions + +.Pre-requisite permissions +[cols="1,2",options="header"] +|=== +|Role |Access + +|Viewer, Operator, Editor, Administrator, Reader, Writer, Manager +|Internet Services service in resource group + +|Viewer, Operator, Editor, Administrator, User API key creator, Service ID creator +|IAM Identity Service service + +|Viewer, Operator, Administrator, Editor, Reader, Writer, Manager, Console Administrator +|VPC Infrastructure Services service in resource group + +|Viewer +|Resource Group: Access to view the resource group itself. The resource type should equal `Resource group`, with a value of . +|=== + +[id="cluster-creation-permissions-ibm-cloud_{context}"] +== Cluster-creation permissions + +.Cluster-creation permissions +[cols="1,2",options="header"] +|=== +|Role |Access + +|Viewer +| (Resource Group Created for Your Team) + +|Viewer, Operator, Editor, Reader, Writer, Manager +|All service in Default resource group + +|Viewer, Reader +|Internet Services service + +|Viewer, Operator, Reader, Writer, Manager, Content Reader, Object Reader, Object Writer, Editor +|Cloud Object Storage service + +|Viewer +|Default resource group: The resource type should equal `Resource group`, with a value of `Default`. If your account administrator changed your account's default resource group to something other than Default, use that value instead. + +|Viewer, Operator, Editor, Reader, Manager +|Power Systems Virtual Server service in resource group + +|Viewer, Operator, Editor, Reader, Writer, Manager, Administrator +|Internet Services service in resource group: CIS functional scope string equals reliability + +|Viewer, Operator, Editor +|Direct Link service + +|Viewer, Operator, Editor, Administrator, Reader, Writer, Manager, Console Administrator +|VPC Infrastructure Services service resource group +|=== +endif::ibm-power-vs[] [id="access-policy-assignment-ibm-cloud_{context}"] == Access policy assignment +ifdef::ibm-vpc[] In IBM Cloud VPC IAM, access policies can be attached to different subjects: +endif::ibm-vpc[] +ifdef::ibm-power-vs[] +In IBM Cloud IAM, access policies can be attached to different subjects: +endif::ibm-power-vs[] * Access group (Recommended) * Service ID * User The recommended method is to define IAM access policies in an link:https://cloud.ibm.com/docs/account?topic=account-groups[access group]. This helps organize all the access required for {product-title} and enables you to onboard users and service IDs to this group. You can also assign access to link:https://cloud.ibm.com/docs/account?topic=account-assign-access-resources[users and service IDs] directly, if desired. + +ifeval::["{context}" == "installing-ibm-cloud-account"] +:!ibm-vpc: +endif::[] +ifeval::["{context}" == "installing-ibm-cloud-account-power-vs"] +:!ibm-power-vs: +endif::[] \ No newline at end of file diff --git a/modules/installation-ibm-cloud-regions.adoc b/modules/installation-ibm-cloud-regions.adoc index ae39d3eeed20..733507b03831 100644 --- a/modules/installation-ibm-cloud-regions.adoc +++ b/modules/installation-ibm-cloud-regions.adoc @@ -1,13 +1,28 @@ // Module included in the following assemblies: // // installing/installing_ibm_cloud_public/installing-ibm-cloud-account.adoc +// installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc + +ifeval::["{context}" == "installing-ibm-cloud-account"] +:ibm-vpc: +endif::[] +ifeval::["{context}" == "installing-ibm-cloud-account-power-vs"] +:ibm-power-vs: +endif::[] :_content-type: REFERENCE +ifdef::ibm-vpc[] [id="installation-ibm-cloud-regions_{context}"] = Supported IBM Cloud VPC regions +endif::ibm-vpc[] +ifdef::ibm-power-vs[] +[id="installation-ibm-power-vs-regions_{context}"] += Supported {ibmpowerProductName} Virtual Server regions and zones +endif::ibm-power-vs[] You can deploy an {product-title} cluster to the following regions: +ifdef::ibm-vpc[] //Not listed for openshift-install: br-sao, in-che, kr-seo * `au-syd` (Sydney, Australia) @@ -19,3 +34,45 @@ You can deploy an {product-title} cluster to the following regions: * `jp-tok` (Tokyo, Japan) * `us-east` (Washington DC, United States) * `us-south` (Dallas, United States) +endif::ibm-vpc[] +ifdef::ibm-power-vs[] + +* `dal` (Dallas, USA) +** `dal12` +* `us-east` (Washington DC, USA) +** `us-east` +* `eu-de` (Frankfurt, Germany) +** `eu-de-1` +** `eu-de-2` +* `lon` (London, UK) +** `lon04` +** `lon06` +* `osa` (Osaka, Japan) +** `osa21` +* `sao` (Sao Paulo, Brazil) +** `sao01` +* `syd` (Sydney, Australia) +** `syd04` +* `tok` (Tokyo, Japan) +** `tok04` +* `tor` (Toronto, Canada) +** `tor01` + +You might optionally specify the IBM Cloud VPC region in which the installer will create any VPC components. Supported regions in IBM Cloud are: + +* `us-south` +* `eu-de` +* `eu-gb` +* `jp-osa` +* `au-syd` +* `br-sao` +* `ca-tor` +* `jp-tok` +endif::ibm-power-vs[] + +ifeval::["{context}" == "installing-ibm-cloud-account"] +:!ibm-vpc: +endif::[] +ifeval::["{context}" == "installing-ibm-cloud-account-power-vs"] +:!ibm-power-vs: +endif::[] \ No newline at end of file diff --git a/modules/installation-ibm-power-vs-config-yaml.adoc b/modules/installation-ibm-power-vs-config-yaml.adoc new file mode 100644 index 000000000000..40b42d82124f --- /dev/null +++ b/modules/installation-ibm-power-vs-config-yaml.adoc @@ -0,0 +1,354 @@ +// Module included in the following assemblies: +// +// * installing/installing_ibm_power/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_power/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_power/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_power/installing-ibm-powervs-vpc.adoc + +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:private: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:restricted: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:ibm-powervs-vpc: +endif::[] + +:_content-type: REFERENCE +[id="installation-ibm-power-vs-config-yaml_{context}"] += Sample customized install-config.yaml file for {ibmpowerProductName} Virtual Server + +You can customize the `install-config.yaml` file to specify more details about your {product-title} cluster's platform or modify the values of the required parameters. + +[IMPORTANT] +==== +This sample YAML file is provided for reference only. You must obtain your `install-config.yaml` file by using the installation program and modify it. +==== + +ifdef::ibm-power-vs[] +[source,yaml] +---- +apiVersion: v1 +baseDomain: example.com +compute: <1> <2> +- architecture: ppc64le + hyperthreading: Enabled <3> + name: worker + platform: {} + replicas: 3 +controlPlane: <1> <2> + architecture: ppc64le + hyperthreading: Enabled <3> + name: master + platform: {} + replicas: 3 +metadata: + creationTimestamp: null + name: example-cluster-name +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 + hostPrefix: 23 + machineNetwork: + - cidr: 192.168.0.0/24 + networkType: OVNKubernetes <4> + serviceNetwork: + - 172.30.0.0/16 +platform: + powervs: + userID: ibm-user-id + region: powervs-region + zone: powervs-zone + powervsResourceGroup: "ibmcloud-resource-group" <5> + serviceInstanceID: "powervs-region-service-instance-id" +vpcRegion : vpc-region +publish: External +pullSecret: '{"auths": ...}' <6> +sshKey: ssh-ed25519 AAAA... <7> +---- +<1> If you do not provide these parameters and values, the installation program provides the default value. +<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Although both sections currently define a single machine pool, it is possible that {product-title} will support defining multiple compute pools during installation. Only one control plane pool is used. +<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines. ++ +[IMPORTANT] +==== +If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. +==== +//ifndef::openshift-origin[] +//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead. +//+ +//[IMPORTANT] +//==== +//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture. +//==== +//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +//endif::openshift-origin[] +<4> The cluster network plugin to install. The supported values are `OVNKubernetes` and `OpenShiftSDN`. The default value is `OVNKubernetes`. +<5> The name of an existing resource group. +<6> Required. The installation program prompts you for this value. +ifdef::openshift-origin[] +<7> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +endif::openshift-origin[] ++ +[NOTE] +==== +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses. +==== +endif::ibm-power-vs[] + +ifdef::private[] +[source,yaml] +---- +apiVersion: v1 +baseDomain: example.com +compute: <1> <2> +- architecture: ppc64le + hyperthreading: Enabled <3> + name: worker + platform: {} + replicas: 3 +controlPlane: <1> <2> + architecture: ppc64le + hyperthreading: Enabled <3> + name: master + platform: {} + replicas: 3 +metadata: + creationTimestamp: null + name: example-private-cluster-name +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 <4> + hostPrefix: 23 + machineNetwork: + - cidr: 192.168.0.0/24 + networkType: OVNKubernetes <5> + serviceNetwork: + - 172.30.0.0/16 +platform: + powervs: + userID: ibm-user-id + powervsResourceGroup: "ibmcloud-resource-group" + region: powervs-region + vpcName: name-of-existing-vpc <6> + cloudConnectionName: powervs-region-example-cloud-con-priv + vpcSubnets: + - powervs-region-example-subnet-1 + vpcRegion : vpc-region + zone: powervs-zone + serviceInstanceID: "powervs-region-service-instance-id" +publish: Internal <7> +pullSecret: '{"auths": ...}' <8> +sshKey: ssh-ed25519 AAAA... <9> +---- +<1> If you do not provide these parameters and values, the installation program provides the default value. +<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Both sections currently define a single machine pool. Only one control plane pool is used. +<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines. +<4> The machine CIDR must contain the subnets for the compute machines and control plane machines. +<5> The cluster network plugin to install. The supported values are `OVNKubernetes` and `OpenShiftSDN`. The default value is `OVNKubernetes`. +<6> Specify the name of an existing VPC. +<7> How to publish the user-facing endpoints of your cluster. Set publish to `Internal` to deploy a private cluster. +<8> Required. The installation program prompts you for this value. +<9> Provide the `sshKey` value that you use to access the machines in your cluster. ++ +[IMPORTANT] +==== +If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. +==== +//ifndef::openshift-origin[] +//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead. +//+ +//[IMPORTANT] +//==== +//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture. +//==== +//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +//endif::openshift-origin[] + +ifdef::openshift-origin[] +<5> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +endif::openshift-origin[] ++ +[NOTE] +==== +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses. +==== +endif::private[] + +ifdef::ibm-powervs-vpc[] +[source,yaml] +---- +apiVersion: v1 +baseDomain: example.com +compute: <1> <2> +- architecture: ppc64le + hyperthreading: Enabled <3> + name: worker + platform: {} + replicas: 3 +controlPlane: <1> <2> + architecture: ppc64le + hyperthreading: Enabled <3> + name: master + platform: {} + replicas: 3 +metadata: + creationTimestamp: null + name: example-cluster-existing-vpc +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 <4> + hostPrefix: 23 + machineNetwork: + - cidr: 192.168.0.0/24 + networkType: OVNKubernetes <5> + serviceNetwork: + - 172.30.0.0/16 +platform: + powervs: + userID: ibm-user-id + powervsResourceGroup: "ibmcloud-resource-group" + region: powervs-region + vpcRegion : vpc-region + vpcName: name-of-existing-vpc <6> + vpcSubnets: <7> + - powervs-region-example-subnet-1 + zone: powervs-zone + serviceInstanceID: "powervs-region-service-instance-id" +credentialsMode: Manual +publish: External <8> +pullSecret: '{"auths": ...}' <9> +fips: false +sshKey: ssh-ed25519 AAAA... <10> +---- +<1> If you do not provide these parameters and values, the installation program provides the default value. +<2> The `controlPlane` section is a single mapping, but the compute section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Both sections currently define a single machine pool. Only one control plane pool is used. +<3> Whether to enable or disable simultaneous multithreading, or `hyperthreading`. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines. +<4> The machine CIDR must contain the subnets for the compute machines and control plane machines. +<5> The cluster network plugin to install. The supported values are `OVNKubernetes` and `OpenShiftSDN`. The default value is `OVNKubernetes`. +<6> Specify the name of an existing VPC. +<7> Specify the name of the existing VPC subnet. The subnets must belong to the VPC that you specified. Specify a subnet for each availability zone in the region. +<8> How to publish the user-facing endpoints of your cluster. +<9> Required. The installation program prompts you for this value. +<10> Provide the `sshKey` value that you use to access the machines in your cluster. ++ +[IMPORTANT] +==== +If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. +==== +//ifndef::openshift-origin[] +//<5> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead. +//+ +//[IMPORTANT] +//==== +//The use of FIPS Validated or Modules in Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64` architecture. +//==== +//<6> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +//endif::openshift-origin[] + +ifdef::openshift-origin[] +<5> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +endif::openshift-origin[] ++ +[NOTE] +==== +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses. +==== +endif::ibm-powervs-vpc[] + +ifdef::restricted[] +[source,yaml] +---- +apiVersion: v1 +baseDomain: example.com <1> +controlPlane: <2> <3> + hyperthreading: Enabled <4> + name: master + platform: + replicas: 3 +compute: <2> <3> +- hyperthreading: Enabled <4> + name: worker + platform: + ibmcloud: {} + replicas: 3 +metadata: + name: example-restricted-cluster-name <1> +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 <5> + hostPrefix: 23 + machineNetwork: + - cidr: 10.0.0.0/16 <6> + networkType: OVNKubernetes <7> + serviceNetwork: + - 192.168.0.0/24 +platform: + powervs: + userid: ibm-user-id + powervsResourceGroup: "ibmcloud-resource-group" <8> + region: "powervs-region" + vpcRegion: "vpc-region" + vpcName: name-of-existing-vpc <9> + vpcSubnets: <10> + - name-of-existing-vpc-subnet + zone: "powervs-zone" + serviceInstanceID: "service-instance-id" +publish: Internal +credentialsMode: Manual +pullSecret: '{"auths":{"": {"auth": "","email": "you@example.com"}}}' <11> +sshKey: ssh-ed25519 AAAA... <12> +additionalTrustBundle: | <13> + -----BEGIN CERTIFICATE----- + + -----END CERTIFICATE----- +imageContentSources: <14> +- mirrors: + - //release + source: quay.io/openshift-release-dev/ocp-release +- mirrors: + - //release + source: quay.io/openshift-release-dev/ocp-v4.0-art-dev +---- +<1> Required. +<2> If you do not provide these parameters and values, the installation program provides the default value. +<3> The `controlPlane` section is a single mapping, but the `compute` section is a sequence of mappings. To meet the requirements of the different data structures, the first line of the `compute` section must begin with a hyphen, `-`, and the first line of the `controlPlane` section must not. Only one control plane pool is used. +//<4> Enables or disables simultaneous multithreading, also known as Hyper-Threading. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores. You can disable it by setting the parameter value to `Disabled`. If you disable simultaneous multithreading in some cluster machines, you must disable it in all cluster machines. ++ +[IMPORTANT] +==== +If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. Use larger machine types, such as `n1-standard-8`, for your machines if you disable simultaneous multithreading. +==== +<5> The machine CIDR must contain the subnets for the compute machines and control plane machines. +<6> The CIDR must contain the subnets defined in `platform.ibmcloud.controlPlaneSubnets` and `platform.ibmcloud.computeSubnets`. +<7> The cluster network plugin to install. The supported values are `OVNKubernetes` and `OpenShiftSDN`. The default value is `OVNKubernetes`. +<8> The name of an existing resource group. The existing VPC and subnets should be in this resource group. The cluster is deployed to this resource group. +<9> Specify the name of an existing VPC. +<10> Specify the name of the existing VPC subnet. The subnets must belong to the VPC that you specified. Specify a subnet for each availability zone in the region. +<11> For ``, specify the registry domain name, and optionally the port, that your mirror registry uses to serve content. For example, registry.example.com or registry.example.com:5000. For ``, specify the base64-encoded user name and password for your mirror registry. +<12> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. +<13> Provide the contents of the certificate file that you used for your mirror registry. +<14> Provide the `imageContentSources` section from the output of the command to mirror the repository. ++ +[NOTE] +==== +For production {product-title} clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your `ssh-agent` process uses. +==== +endif::restricted[] + +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!private: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!restricted: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!ibm-powervs-vpc: +endif::[] diff --git a/modules/installation-initializing-manual.adoc b/modules/installation-initializing-manual.adoc index dc3021270201..2ea451989eed 100644 --- a/modules/installation-initializing-manual.adoc +++ b/modules/installation-initializing-manual.adoc @@ -20,6 +20,7 @@ // * installing/installing_vsphere/installing-vsphere-network-customizations.adoc // * installing/installing_ibm_z/installing-ibm-z.adoc // * installing/installing_azure_stack_hub/installing-azure-stack-hub-network-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc ifeval::["{context}" == "installing-azure-government-region"] :azure-gov: @@ -66,6 +67,9 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :ibm-cloud-private: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs-private: +endif::[] ifeval::["{context}" == "installing-vsphere"] :three-node-cluster: endif::[] @@ -77,9 +81,9 @@ endif::[] [id="installation-initializing-manual_{context}"] = Manually creating the installation configuration file -ifndef::aws-china,aws-gov,aws-secret,azure-gov,ash,aws-private,azure-private,gcp-private,gcp-shared,ash-default,ash-network,ibm-cloud-private[] +ifndef::aws-china,aws-gov,aws-secret,azure-gov,ash,aws-private,azure-private,gcp-private,gcp-shared,ash-default,ash-network,ibm-cloud-private,ibm-power-vs-private[] For user-provisioned installations of {product-title}, you manually generate your installation configuration file. -endif::aws-china,aws-gov,aws-secret,azure-gov,ash,aws-private,azure-private,gcp-private,gcp-shared,ash-default,ash-network,ibm-cloud-private[] +endif::aws-china,aws-gov,aws-secret,azure-gov,ash,aws-private,azure-private,gcp-private,gcp-shared,ash-default,ash-network,ibm-cloud-private,ibm-power-vs-private[] ifdef::aws-china,aws-gov,aws-secret[] Installing the cluster requires that you manually generate the installation configuration file. //Made this update as part of feedback in PR3961. tl;dr Simply state you have to create the config file, instead of creating a number of conditions to explain why. @@ -88,9 +92,9 @@ ifdef::azure-gov[] When installing {product-title} on Microsoft Azure into a government region, you must manually generate your installation configuration file. endif::azure-gov[] -ifdef::aws-private,azure-private,gcp-private,ibm-cloud-private[] +ifdef::aws-private,azure-private,gcp-private,ibm-cloud-private,ibm-power-vs-private[] When installing a private {product-title} cluster, you must manually generate the installation configuration file. -endif::aws-private,azure-private,gcp-private,ibm-cloud-private[] +endif::aws-private,azure-private,gcp-private,ibm-cloud-private,ibm-power-vs-private[] ifdef::ash-default,ash-network[] When installing {product-title} on Microsoft Azure Stack Hub, you must manually create your installation configuration file. endif::ash-default,ash-network[] @@ -148,12 +152,12 @@ mirror the repository. endif::restricted[] + -ifndef::aws-china,aws-gov,aws-secret,azure-gov,ash,ash-default,ash-network,gcp-shared,ibm-cloud-private[] +ifndef::aws-china,aws-gov,aws-secret,azure-gov,ash,ash-default,ash-network,gcp-shared,ibm-cloud-private,ibm-power-vs-private[] [NOTE] ==== For some platform types, you can alternatively run `./openshift-install create install-config --dir ` to generate an `install-config.yaml` file. You can provide details about your cluster configuration at the prompts. ==== -endif::aws-china,aws-gov,aws-secret,azure-gov,ash,ash-default,ash-network,gcp-shared,ibm-cloud-private[] +endif::aws-china,aws-gov,aws-secret,azure-gov,ash,ash-default,ash-network,gcp-shared,ibm-cloud-private,ibm-power-vs-private[] ifdef::ash[] + Make the following modifications for Azure Stack Hub: @@ -260,6 +264,9 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :!ibm-cloud-private: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs-private: +endif::[] ifeval::["{context}" == "installing-vsphere"] :!three-node-cluster: endif::[] diff --git a/modules/installation-initializing.adoc b/modules/installation-initializing.adoc index 2b602835f453..22cf08ada38d 100644 --- a/modules/installation-initializing.adoc +++ b/modules/installation-initializing.adoc @@ -24,6 +24,9 @@ // * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_openstack/installing-openstack-installer-custom.adoc // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc // * installing/installing_openstack/installing-openstack-installer-restricted.adoc @@ -115,6 +118,13 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-customizations"] :ibm-cloud: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power-vs: +:restricted: +endif::[] ifeval::["{context}" == "installing-ibm-cloud-network-customizations"] :ibm-cloud: endif::[] @@ -316,6 +326,13 @@ ifdef::ibm-cloud[] ... Select the base domain to deploy the cluster to. The base domain corresponds to the public DNS zone that you created for your cluster. endif::ibm-cloud[] +ifdef::ibm-power-vs[] +... Select *powervs* as the platform to target. +... Select the region to deploy the cluster to. +... Select the zone to deploy the cluster to. +... Select the base domain to deploy the cluster to. The base domain corresponds +to the public DNS zone that you created for your cluster. +endif::ibm-power-vs[] ifdef::osp[] ... Select *openstack* as the platform to target. ... Specify the {rh-openstack-first} external network name to use for installing the cluster. @@ -614,6 +631,17 @@ computeSubnet: + For `platform.gcp.network`, specify the name for the existing Google VPC. For `platform.gcp.controlPlaneSubnet` and `platform.gcp.computeSubnet`, specify the existing subnets to deploy the control plane machines and compute machines, respectively. endif::gcp+restricted[] +ifdef::ibm-power-vs+restricted[] +.. Define the network and subnets for the VPC to install the cluster in under the parent `platform.ibmcloud` field: ++ +[source,yaml] +---- +vpcName: +vpcSubnets: +---- ++ +For `platform.powervs.vpcName`, specify the name for the existing IBM Cloud VPC. For `platform.powervs.vpcSubnets`, specify the existing subnets. +endif::ibm-power-vs+restricted[] .. Add the image content resources, which resemble the following YAML excerpt: + @@ -730,6 +758,13 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-customizations"] :!ibm-cloud: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power-vs: +:!restricted: +endif::[] ifeval::["{context}" == "installing-ibm-cloud-network-customizations"] :!ibm-cloud: endif::[] diff --git a/modules/installation-launching-installer.adoc b/modules/installation-launching-installer.adoc index 2430b4cb2427..0a28c69bf1a4 100644 --- a/modules/installation-launching-installer.adoc +++ b/modules/installation-launching-installer.adoc @@ -42,6 +42,10 @@ // * installing/installing_vsphere/installing-restricted-networks-installer-provisioned-vsphere.adoc // * installing/installing-nutanix-installer-provisioned.adoc // * installing/installing-restricted-networks-nutanix-installer-provisioned.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // If you use this module in any other assembly, you must update the ifeval // statements. @@ -267,6 +271,22 @@ ifeval::["{context}" == "installing-restricted-networks-nutanix-installer-provis :nutanix: :single-step: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:custom-config: +:single-step: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:custom-config: +:single-step: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:custom-config: +:single-step: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:custom-config: +:single-step: +endif::[] :_content-type: PROCEDURE [id="installation-launching-installer_{context}"] @@ -767,3 +787,19 @@ ifeval::["{context}" == "installing-restricted-networks-nutanix-installer-provis :!nutanix: :!single-step: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!custom-config: +:!single-step: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!custom-config: +:!single-step: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!custom-config: +:!single-step: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!custom-config: +:!single-step: +endif::[] diff --git a/modules/installation-minimum-resource-requirements.adoc b/modules/installation-minimum-resource-requirements.adoc index 303a9e728857..41c603b2c1eb 100644 --- a/modules/installation-minimum-resource-requirements.adoc +++ b/modules/installation-minimum-resource-requirements.adoc @@ -36,6 +36,9 @@ // * installing/installing_vsphere/installing-vsphere-network-customizations.adoc // * installing/installing_ibm_power/installing-ibm-power.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_ibm_z/installing-ibm-z.adoc // * installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-customizations.adoc @@ -76,6 +79,12 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :ibm-power: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power: +endif::[] ifeval::["{context}" == "installing-ibm-z"] :ibm-z: endif::[] @@ -246,6 +255,12 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-ibm-power"] :!ibm-power: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power: +endif::[] ifeval::["{context}" == "installing-ibm-z"] :!ibm-z: endif::[] diff --git a/modules/installation-obtaining-installer.adoc b/modules/installation-obtaining-installer.adoc index 762abfc13dba..6e0d79b3e585 100644 --- a/modules/installation-obtaining-installer.adoc +++ b/modules/installation-obtaining-installer.adoc @@ -32,6 +32,8 @@ // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc // * installing/installing_openstack/installing-openstack-installer.adoc // * installing/installing_platform_agnostic/installing-platform-agnostic.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_vmc/installing-vmc-user-infra.adoc // * installing/installing_vmc/installing-vmc-network-customizations-user-infra.adoc // * installing/installing_vmc/installing-vmc.adoc diff --git a/modules/installation-uninstall-clouds.adoc b/modules/installation-uninstall-clouds.adoc index 11eb05e84a0a..57bbecaa7a67 100644 --- a/modules/installation-uninstall-clouds.adoc +++ b/modules/installation-uninstall-clouds.adoc @@ -5,6 +5,7 @@ // * installing/installing_azure/uninstalling-cluster-azure-stack-hub.adoc // * installing/installing_gcp/uninstalling-cluster-gcp.adoc // * installing/installing_ibm_cloud_public/uninstalling-cluster-ibm-cloud.adoc +// * installing/installing_ibm_powervs/uninstalling-cluster-ibm-power-vs.adoc // * installing/installing_osp/uninstalling-cluster-openstack.adoc // * installing/installing_rhv/uninstalling-cluster-rhv.adoc // * installing/installing_vmc/uninstalling-cluster-vmc.adoc @@ -20,6 +21,9 @@ endif::[] ifeval::["{context}" == "uninstalling-cluster-ibm-cloud"] :ibm-cloud: endif::[] +ifeval::["{context}" == "uninstalling-cluster-ibm-power-vs"] +:ibm-power-vs: +endif::[] :_content-type: PROCEDURE [id="installation-uninstall-clouds_{context}"] @@ -47,13 +51,13 @@ endif::gcp[] * You have a copy of the installation program that you used to deploy the cluster. * You have the files that the installation program generated when you created your cluster. -ifdef::ibm-cloud[] +ifdef::ibm-cloud,ibm-power-vs[] * You have configured the `ccoctl` binary. * You have installed the IBM Cloud CLI and installed or updated the VPC infrastructure service plugin. For more information see "Prerequisites" in the link:https://cloud.ibm.com/docs/vpc?topic=vpc-infrastructure-cli-plugin-vpc-reference&interface=ui#cli-ref-prereqs[IBM Cloud VPC CLI documentation]. -endif::ibm-cloud[] +endif::ibm-cloud,ibm-power-vs[] .Procedure -ifdef::ibm-cloud[] +ifdef::ibm-cloud,ibm-power-vs[] . If the following conditions are met, this step is required: ** The installer created a resource group as part of the installation process. ** You or one of your applications created persistent volume claims (PVCs) after the cluster was deployed. @@ -80,19 +84,31 @@ $ ibmcloud is volume-delete --force + For more information about deleting volumes, see the link:https://cloud.ibm.com/docs/vpc?topic=vpc-infrastructure-cli-plugin-vpc-reference&interface=ui#volume-delete[IBM Cloud VPC CLI documentation]. -. Export the IBM Cloud API key that was created as part of the installation process. +. Export the API key that was created as part of the installation process. +endif::ibm-cloud,ibm-power-vs[] +ifdef::ibm-cloud[] + [source,terminal] ---- $ export IC_API_KEY= ---- + +endif::ibm-cloud[] +ifdef::ibm-power-vs[] ++ +[source,terminal] +---- +$ export IBMCLOUD_API_KEY= +---- ++ +endif::ibm-power-vs[] +ifdef::ibm-cloud,ibm-power-vs[] [NOTE] ==== You must set the variable name exactly as specified. The installation program expects the variable name to be present to remove the service IDs that were created when the cluster was installed. ==== -endif::ibm-cloud[] -. On the computer that you used to install the cluster, go to the directory that contains the installation program, and run the following command: +endif::ibm-cloud,ibm-power-vs[] +. From the directory that contains the installation program on the computer that you used to install the cluster, run the following command: + [source,terminal] ---- @@ -109,8 +125,14 @@ You must specify the directory that contains the cluster definition files for your cluster. The installation program requires the `metadata.json` file in this directory to delete the cluster. ==== +ifdef::ibm-power-vs[] +[NOTE] +==== +You might have to run the openshift-install destroy command up to three times to ensure a proper cleanup. +==== +endif::ibm-power-vs[] -ifdef::ibm-cloud[] +ifdef::ibm-cloud,ibm-power-vs[] . Remove the manual CCO credentials that were created for the cluster: + [source,terminal] @@ -126,11 +148,12 @@ $ ccoctl ibmcloud delete-service-id \ If your cluster uses Technology Preview features that are enabled by the `TechPreviewNoUpgrade` feature set, you must include the `--enable-tech-preview` parameter. ==== -- -endif::ibm-cloud[] +endif::ibm-cloud,ibm-power-vs[] . Optional: Delete the `` directory and the {product-title} installation program. + ifeval::["{context}" == "uninstalling-cluster-aws"] :!aws: endif::[] @@ -140,5 +163,8 @@ endif::[] ifeval::["{context}" == "uninstalling-cluster-ibm-cloud"] :!ibm-cloud: endif::[] +ifeval::["{context}" == "uninstalling-cluster-ibm-power-vs"] +:!ibm-power-vs: +endif::[] // The above CCO credential removal for IBM Cloud is only necessary for manual mode. Future releases that support other credential methods will not require this step. diff --git a/modules/machineset-yaml-ibm-power-vs.adoc b/modules/machineset-yaml-ibm-power-vs.adoc new file mode 100644 index 000000000000..233b30b15633 --- /dev/null +++ b/modules/machineset-yaml-ibm-power-vs.adoc @@ -0,0 +1,73 @@ +// Module included in the following assemblies: +// +// * machine_management/creating_machinesets/creating-machineset-ibm-power-vs.adoc + +:_content-type: REFERENCE +[id="machineset-yaml-ibm-power-vs_{context}"] += Sample YAML for a compute machine set custom resource on {ibmpowerProductName} Virtual Server + +This sample YAML file defines a compute machine set that runs in a specified {ibmpowerProductName} Virtual Server zone in a region and creates nodes that are labeled with `node-role.kubernetes.io/: ""`. + +In this sample, `` is the infrastructure ID label that is based on the cluster ID that you set when you provisioned the cluster, and `` is the node label to add. + +[source,yaml] +---- +apiVersion: machine.openshift.io/v1beta1 +kind: MachineSet +metadata: + labels: + machine.openshift.io/cluster-api-cluster: <1> + machine.openshift.io/cluster-api-machine-role: <2> + machine.openshift.io/cluster-api-machine-type: <2> + name: -- <3> + namespace: openshift-machine-api +spec: + replicas: 1 + selector: + matchLabels: + machine.openshift.io/cluster-api-cluster: <1> + machine.openshift.io/cluster-api-machineset: -- <3> + template: + metadata: + labels: + machine.openshift.io/cluster-api-cluster: <1> + machine.openshift.io/cluster-api-machine-role: <2> + machine.openshift.io/cluster-api-machine-type: <2> + machine.openshift.io/cluster-api-machineset: -- <3> + spec: + metadata: + labels: + node-role.kubernetes.io/: "" + providerSpec: + value: + apiVersion: machine.openshift.io/v1 + credentialsSecret: + name: powervs-credentials + image: + name: rhcos- <4> + type: Name + keyPairName: -key + kind: PowerVSMachineProviderConfig + memoryGiB: 32 + network: + regex: ^DHCPSERVER[0-9a-z]{32}_Private$ + type: RegEx + processorType: Shared + processors: "0.5" + serviceInstance: + id: + type: ID <5> + systemType: s922 + userDataSecret: + name: -user-data +---- +<1> The infrastructure ID that is based on the cluster ID that you set when you provisioned the cluster. If you have the OpenShift CLI installed, you can obtain the infrastructure ID by running the following command: ++ +[source,terminal] +---- +$ oc get -o jsonpath='{.status.infrastructureName}{"\n"}' infrastructure cluster +---- +<2> The node label to add. +<3> The infrastructure ID, node label, and region. +<4> The custom {op-system-first} image that was used for cluster installation. +<5> The infrastructure ID within your region to place machines on. diff --git a/modules/manually-create-iam-ibm-cloud.adoc b/modules/manually-create-iam-ibm-cloud.adoc index 941e4932c6de..03d6744488c9 100644 --- a/modules/manually-create-iam-ibm-cloud.adoc +++ b/modules/manually-create-iam-ibm-cloud.adoc @@ -4,6 +4,10 @@ // * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc ifeval::["{context}" == "installing-ibm-cloud-customizations"] :ibm-vpc: @@ -17,10 +21,22 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :ibm-vpc: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:ibm-power-vs: +endif::[] :_content-type: PROCEDURE [id="manually-create-iam-ibm-cloud_{context}"] -= Manually creating IAM for IBM Cloud VPC += Manually creating IAM Installing the cluster requires that the Cloud Credential Operator (CCO) operate in manual mode. While the installation program configures the CCO for manual mode, you must specify the identity and access management secrets for you cloud provider. @@ -45,6 +61,9 @@ compute: ifdef::ibm-vpc[] - architecture: amd64 endif::ibm-vpc[] +ifdef::ibm-power-vs[] +- architecture: ppc64le +endif::ibm-power-vs[] hyperthreading: Enabled ---- <1> This line is added to set the `credentialsMode` parameter to `Manual`. @@ -67,10 +86,11 @@ $ RELEASE_IMAGE=$(./openshift-install version | awk '/release image/ {print $3}' + [source,terminal] ---- -$ oc adm release extract --cloud=ibmcloud --credentials-requests $RELEASE_IMAGE \ - --to= <1> +$ oc adm release extract --cloud= --credentials-requests $RELEASE_IMAGE \ <1> + --to= <2> ---- -<1> The directory where the credential requests will be stored. +<1> The name of the provider. For example: `ibmcloud` or `powervs`. +<2> The directory where the credential requests will be stored. + This command creates a YAML file for each `CredentialsRequest` object. + @@ -109,6 +129,7 @@ This command creates a YAML file for each `CredentialsRequest` object. - crn:v1:bluemix:public:iam::::role:Viewer ---- +ifndef::ibm-power-vs[] . If your cluster uses cluster capabilities to disable one or more optional components, delete the `CredentialsRequest` custom resources for any disabled components. + .Example `credrequests` directory contents for {product-title} 4.12 on IBM Cloud VPC @@ -126,8 +147,9 @@ This command creates a YAML file for each `CredentialsRequest` object. <3> The Image Registry Operator CR is required. <4> The Ingress Operator CR is required. <5> The Storage Operator CR is an optional component and might be disabled in your cluster. +endif::ibm-power-vs[] -. Create the service ID for each credential request, assign the policies defined, create an API key in IBM Cloud VPC, and generate the secret: +. Create the service ID for each credential request, assign the policies defined, create an API key, and generate the secret: + [source,terminal] ---- @@ -171,3 +193,15 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :!ibm-vpc: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-powervs-vpc"] +:!ibm-power-vs: +endif::[] \ No newline at end of file diff --git a/modules/olm-restricted-networks-configuring-operatorhub.adoc b/modules/olm-restricted-networks-configuring-operatorhub.adoc index c3c4da873234..e2530b2c5245 100644 --- a/modules/olm-restricted-networks-configuring-operatorhub.adoc +++ b/modules/olm-restricted-networks-configuring-operatorhub.adoc @@ -6,6 +6,7 @@ // * installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc // * installing/installing_gcp/installing-restricted-networks-gcp.adoc // * installing/installing_ibm_power/installing-restricted-networks-ibm-power.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc // * installing/installing_ibm_z/installing-restricted-networks-ibm-z-kvm.adoc // * installing/installing_ibm_z/installing-restricted-networks-ibm-z.adoc // * installing/installing_openstack/installing-openstack-installer-restricted.adoc diff --git a/modules/private-clusters-about-ibm-power-vs.adoc b/modules/private-clusters-about-ibm-power-vs.adoc new file mode 100644 index 000000000000..4f3d0ae7dd5f --- /dev/null +++ b/modules/private-clusters-about-ibm-power-vs.adoc @@ -0,0 +1,24 @@ +// Module included in the following assemblies: +// +// * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc + +:_content-type: CONCEPT +[id="private-clusters-about-ibm-power-virtual-server_{context}"] += Private clusters in IBM Power Virtual Server + +To create a private cluster on IBM Power Virtual Server, you must provide an existing private Virtual Private Cloud (VPC) and subnets to host the cluster. The installation program must also be able to resolve the DNS records that the cluster requires. The installation program configures the Ingress Operator and API server for only internal traffic. + +The cluster still requires access to internet to access the IBM Cloud VPC APIs. + +The following items are not required or created when you install a private cluster: + +* Public subnets +* Public network load balancers, which support public Ingress +* A public DNS zone that matches the `baseDomain` for the cluster + +You will also need to create an IBM DNS service containing a DNS zone that matches your `baseDomain`. Unlike standard deployments on Power VS which use IBM CIS for DNS, you must use IBM DNS for your DNS service. + +[id="private-clusters-limitations-ibm-power-virtual-server_{context}"] +== Limitations + +Private clusters on IBM Power Virtual Server are subject only to the limitations associated with the existing VPC that was used for cluster deployment. diff --git a/modules/private-clusters-default.adoc b/modules/private-clusters-default.adoc index a822c997a06d..ac2644a9af2f 100644 --- a/modules/private-clusters-default.adoc +++ b/modules/private-clusters-default.adoc @@ -28,6 +28,10 @@ ifeval::["{context}" == "installing-ibm-cloud-private"] :ibm-cloud-private: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs-private: +endif::[] + You can deploy a private {product-title} cluster that does not expose external endpoints. Private clusters are accessible from only an internal network and are not visible to the internet. ifdef::aws-gov[] @@ -51,10 +55,15 @@ include::snippets/snip-private-clusters-public-ingress.adoc[] To deploy a private cluster, you must: +ifndef::ibm-power-vs-private[] * Use existing networking that meets your requirements. Your cluster resources might be shared between other clusters on the network. -ifdef::ibm-cloud-private[] +endif::ibm-power-vs-private[] +ifdef::ibm-power-vs-private[] +* Use existing networking that meets your requirements. +endif::ibm-power-vs-private[] +ifdef::ibm-cloud-private,ibm-power-vs-private[] * Create a DNS zone using IBM Cloud DNS Services and specify it as the base domain of the cluster. For more information, see "Using IBM Cloud DNS Services to configure DNS resolution". -endif::ibm-cloud-private[] +endif::ibm-cloud-private,ibm-power-vs-private[] * Deploy from a machine that has access to: ** The API services for the cloud to which you provision. ** The hosts on the network that you provision. @@ -91,3 +100,7 @@ endif::[] ifeval::["{context}" == "installing-ibm-cloud-private"] :!ibm-cloud-private: endif::[] + +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs-private: +endif::[] \ No newline at end of file diff --git a/modules/quotas-and-limits-ibm-power-vs.adoc b/modules/quotas-and-limits-ibm-power-vs.adoc new file mode 100644 index 000000000000..edce80729639 --- /dev/null +++ b/modules/quotas-and-limits-ibm-power-vs.adoc @@ -0,0 +1,62 @@ +// Module included in the following assemblies: +// +// installing/installing_ibm_powervs/installing-ibm-cloud-account-power-vs.adoc + +:_content-type: CONCEPT +[id="quotas-and-limits-ibm-power-vs_{context}"] += Quotas and limits on {ibmpowerProductName} Virtual Server + +The {product-title} cluster uses several IBM Cloud and {ibmpowerProductName} Virtual Server components, and the default quotas and limits affect your ability to install {product-title} clusters. If you use certain cluster configurations, deploy your cluster in certain regions, or run multiple clusters from your account, you might need to request additional resources for your IBM Cloud VPC account. + +For a comprehensive list of the default IBM Cloud VPC quotas and service limits, see the IBM Cloud documentation for link:https://cloud.ibm.com/docs/vpc?topic=vpc-quotas[Quotas and service limits]. + +[discrete] +== Virtual Private Cloud + +Each {product-title} cluster creates its own Virtual Private Cloud (VPC). The default quota of VPCs per region is 10. If you have 10 VPCs created, you will need to increase your quota before attempting an installation. + +[discrete] +== Application load balancer + +By default, each cluster creates two application load balancers (ALBs): + +* Internal load balancer for the control plane API server +* External load balancer for the control plane API server + +You can create additional `LoadBalancer` service objects to create additional ALBs. The default quota of VPC ALBs are 50 per region. To have more than 50 ALBs, you must increase this quota. + +VPC ALBs are supported. Classic ALBs are not supported for {ibmpowerProductName} Virtual Server. + +[discrete] +== Cloud connections + +There is a limit of two cloud connections per {ibmpowerProductName} Virtual Server instance. It is recommended that you have only one cloud connection in your {ibmpowerProductName} Virtual Server instance to serve your cluster. + +[discrete] +== Dynamic Host Configuration Protocol Service + +There is a limit of one Dynamic Host Configuration Protocol (DHCP) service per {ibmpowerProductName} Virtual Server instance. + +[discrete] +== Networking + +Due to networking limitations, there is a restriction of one OpenShift cluster installed through IPI per zone per account. This is not configurable. + +[discrete] +== Virtual Server Instances + +By default, a cluster creates server instances with the following resources : + +* 0.5 CPUs +* 32 GB RAM +* System Type: `s922` +* Processor Type: `uncapped`, `shared` +* Storage Tier: `Tier-3` + +The following nodes are created: + +* One bootstrap machine, which is removed after the installation is complete +* Three control plane nodes +* Three compute nodes + +For more information, see link:https://cloud.ibm.com/docs/power-iaas?topic=power-iaas-creating-power-virtual-server[Creating a Power Systems Virtual Server] in the IBM Cloud documentation. diff --git a/modules/refreshing-service-ids-ibm-cloud.adoc b/modules/refreshing-service-ids-ibm-cloud.adoc index f4c3c639deed..2b4782d991d6 100644 --- a/modules/refreshing-service-ids-ibm-cloud.adoc +++ b/modules/refreshing-service-ids-ibm-cloud.adoc @@ -4,14 +4,14 @@ :_content-type: PROCEDURE [id="refreshing-service-ids-ibm-cloud_{context}"] -= Rotating API keys for IBM Cloud += Rotating API keys You can rotate API keys for your existing service IDs and update the corresponding secrets. .Prerequisites * You have configured the `ccoctl` binary. -* You have existing service IDs in a live {product-title} cluster installed on IBM Cloud. +* You have existing service IDs in a live {product-title} cluster installed. .Procedure @@ -19,14 +19,15 @@ You can rotate API keys for your existing service IDs and update the correspondi + [source,terminal] ---- -$ ccoctl ibmcloud refresh-keys \ - --kubeconfig \ <1> - --credentials-requests-dir \ <2> - --name <3> +$ ccoctl refresh-keys \ <1> + --kubeconfig \ <2> + --credentials-requests-dir \ <3> + --name <4> ---- -<1> The `kubeconfig` file associated with the cluster. For example, `/auth/kubeconfig`. -<2> The directory where the credential requests are stored. -<3> The name of the {product-title} cluster. +<1> The name of the provider. For example: `ibmcloud` or `powervs`. +<2> The `kubeconfig` file associated with the cluster. For example, `/auth/kubeconfig`. +<3> The directory where the credential requests are stored. +<4> The name of the {product-title} cluster. + -- [NOTE] diff --git a/modules/ssh-agent-using.adoc b/modules/ssh-agent-using.adoc index ec794bb4cb86..4ea6b4fd22c4 100644 --- a/modules/ssh-agent-using.adoc +++ b/modules/ssh-agent-using.adoc @@ -31,6 +31,10 @@ // * installing/installing_ibm_cloud_public/installing-ibm-cloud-network-customizations.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-vpc.adoc // * installing/installing_ibm_cloud_public/installing-ibm-cloud-private.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-customizations.adoc +// * installing/installing_ibm_powervs/installing-ibm-power-vs-private-cluster.adoc +// * installing/installing_ibm_powervs/installing-restricted-networks-ibm-power-vs.adoc +// * installing/installing_ibm_powervs/installing-ibm-powervs-vpc.adoc // * installing/installing_openstack/installing-openstack-installer-custom.adoc // * installing/installing_openstack/installing-openstack-installer-kuryr.adoc // * installing/installing_openstack/installing-openstack-installer.adoc @@ -73,6 +77,15 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-aws"] :user-infra: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:ibm-power-vs: +endif::[] ifeval::["{context}" == "installing-gcp-customizations"] :gcp: endif::[] @@ -179,10 +192,12 @@ $ ssh-keygen -t ed25519 -N '' -f / <1> ---- <1> Specify the path and file name, such as `~/.ssh/id_ed25519`, of the new SSH key. If you have an existing key pair, ensure your public key is in the your `~/.ssh` directory. + +ifndef::ibm-power-vs[] [NOTE] ==== If you plan to install an {product-title} cluster that uses FIPS Validated / Modules in Process cryptographic libraries on the `x86_64` architecture, do not create a key that uses the `ed25519` algorithm. Instead, create a key that uses the `rsa` or `ecdsa` algorithm. ==== +endif::ibm-power-vs[] . View the public SSH key: + @@ -218,10 +233,12 @@ $ eval "$(ssh-agent -s)" Agent pid 31874 ---- + +ifndef::ibm-power-vs[] [NOTE] ==== If your cluster is in FIPS mode, only use FIPS-compliant algorithms to generate the SSH key. The key must be either RSA or ECDSA. ==== +endif::ibm-power-vs[] . Add your SSH private key to the `ssh-agent`: + @@ -256,6 +273,15 @@ endif::[] ifeval::["{context}" == "installing-restricted-networks-aws"] :!user-infra: endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-customizations"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-ibm-power-vs-private-cluster"] +:!ibm-power-vs: +endif::[] +ifeval::["{context}" == "installing-restricted-networks-ibm-power-vs"] +:!ibm-power-vs: +endif::[] ifeval::["{context}" == "installing-gcp-customizations"] :!gcp: endif::[] diff --git a/snippets/custom-dns-server.adoc b/snippets/custom-dns-server.adoc index 3ff4c65896f5..2235cc4e2da5 100644 --- a/snippets/custom-dns-server.adoc +++ b/snippets/custom-dns-server.adoc @@ -4,6 +4,7 @@ // * modules/installation-about-custom-azure-vnet.adoc // * modules/installation-custom-gcp-vpc.adoc // * modules/installation-custom-alibaba-vpc.adoc +// * modules/installation-ibm-power-vs.adoc :_content-type: SNIPPET diff --git a/welcome/index.adoc b/welcome/index.adoc index 9ef33932b008..960bdcd6868a 100644 --- a/welcome/index.adoc +++ b/welcome/index.adoc @@ -104,6 +104,8 @@ You can also deploy a cluster on AWS infrastructure that you provisioned yoursel ifndef::openshift-origin[] - **xref:../installing/installing_ibm_cloud_public/preparing-to-install-on-ibm-cloud.adoc#preparing-to-install-on-ibm-cloud[Install a cluster on IBM Cloud VPC]**: You can install {product-title} on IBM Cloud VPC on installer-provisioned infrastructure. +- **xref:../installing/installing_ibm_powervs/preparing-to-install-on-ibm-power-vs.adoc#preparing-to-install-on-ibm-power-vs[Install a cluster on {ibmpowerProductName} Virtual Server]**: You can install {product-title} on {ibmpowerProductName} Virtual Server on installer-provisioned infrastructure. + - **xref:../installing/installing_ibm_power/installing-ibm-power.adoc#installing-ibm-power[Install a cluster on {ibmpowerProductName}]**: You can install {product-title} on {ibmpowerProductName} on user-provisioned infrastructure. endif::openshift-origin[]