From ed6696589eab61a3b1b81f07bf0b948113889f86 Mon Sep 17 00:00:00 2001 From: Ben Scott Date: Thu, 22 May 2025 14:38:17 -0400 Subject: [PATCH 1/4] OSDOCS-14757 simplified install config yaml file, replaced shared vpc config yaml --- .../installing-gcp-customizations.adoc | 3 +- .../installing-gcp-private.adoc | 3 +- .../installing-gcp-shared-vpc.adoc | 7 +++ .../installing_gcp/installing-gcp-vpc.adoc | 3 +- ...ed-networks-gcp-installer-provisioned.adoc | 7 ++- .../installation-gcp-config-yaml-simple.adoc | 51 +++++++++++++++ .../installation-gcp-shared-vpc-config.adoc | 63 ++++--------------- 7 files changed, 81 insertions(+), 56 deletions(-) create mode 100644 modules/installation-gcp-config-yaml-simple.adoc diff --git a/installing/installing_gcp/installing-gcp-customizations.adoc b/installing/installing_gcp/installing-gcp-customizations.adoc index 46d90b5bb9ac..dd2285343c02 100644 --- a/installing/installing_gcp/installing-gcp-customizations.adoc +++ b/installing/installing_gcp/installing-gcp-customizations.adoc @@ -59,11 +59,12 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] .Additional resources * xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-configuration-parameters-additional-gcp_installation-config-parameters-gcp[Additional {gcp-first} configuration parameters] -include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2] +include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources +* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for GCP] * xref:../../machine_management/creating_machinesets/creating-machineset-gcp.adoc#machineset-enabling-customer-managed-encryption_creating-machineset-gcp[Enabling customer-managed encryption keys for a compute machine set] include::modules/installation-configure-proxy.adoc[leveloffset=+2] diff --git a/installing/installing_gcp/installing-gcp-private.adoc b/installing/installing_gcp/installing-gcp-private.adoc index 1ab8e305f1ca..bf35aec5038c 100644 --- a/installing/installing_gcp/installing-gcp-private.adoc +++ b/installing/installing_gcp/installing-gcp-private.adoc @@ -61,11 +61,12 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] .Additional resources * xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for {gcp-first}] -include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2] +include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources +* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for GCP] * xref:../../machine_management/creating_machinesets/creating-machineset-gcp.adoc#machineset-enabling-customer-managed-encryption_creating-machineset-gcp[Enabling customer-managed encryption keys for a compute machine set] include::modules/nw-gcp-installing-global-access-configuration.adoc[leveloffset=+2] diff --git a/installing/installing_gcp/installing-gcp-shared-vpc.adoc b/installing/installing_gcp/installing-gcp-shared-vpc.adoc index d2198bc2dcff..d499456026e8 100644 --- a/installing/installing_gcp/installing-gcp-shared-vpc.adoc +++ b/installing/installing_gcp/installing-gcp-shared-vpc.adoc @@ -54,6 +54,13 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] include::modules/installation-gcp-shared-vpc-config.adoc[leveloffset=+2] +include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources + +* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for GCP] + include::modules/installation-configure-proxy.adoc[leveloffset=+2] // Installing the OpenShift CLI on Linux diff --git a/installing/installing_gcp/installing-gcp-vpc.adoc b/installing/installing_gcp/installing-gcp-vpc.adoc index 1007c4b40836..291c8e2075b2 100644 --- a/installing/installing_gcp/installing-gcp-vpc.adoc +++ b/installing/installing_gcp/installing-gcp-vpc.adoc @@ -58,11 +58,12 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] .Additional resources * xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for {gcp-first}] -include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2] +include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources +* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for GCP] * xref:../../machine_management/creating_machinesets/creating-machineset-gcp.adoc#machineset-enabling-customer-managed-encryption_creating-machineset-gcp[Enabling customer-managed encryption keys for a compute machine set] include::modules/nw-gcp-installing-global-access-configuration.adoc[leveloffset=+2] diff --git a/installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc b/installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc index 036e01e7be67..5ed87e7ce388 100644 --- a/installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc +++ b/installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc @@ -71,7 +71,12 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] .Additional resources * xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for {gcp-first}] -include::modules/installation-gcp-config-yaml.adoc[leveloffset=+2] +include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] + +[role="_additional-resources"] +.Additional resources + +* xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for GCP] include::modules/nw-gcp-installing-global-access-configuration.adoc[leveloffset=+2] diff --git a/modules/installation-gcp-config-yaml-simple.adoc b/modules/installation-gcp-config-yaml-simple.adoc new file mode 100644 index 000000000000..0e2b0272adc2 --- /dev/null +++ b/modules/installation-gcp-config-yaml-simple.adoc @@ -0,0 +1,51 @@ +// Module included in the following assemblies: +// +// * installing/installing_gcp/installing-gcp-customizations.adoc +// * installing/installing_gcp/installing-gcp-network-customizations.adoc +// * installing/installing_gcp/installing-gcp-vpc.adoc +// * installing/installing_gcp/installing-gcp-private.adoc +// * installing/installing_gcp/installing-restricted-networks-gcp-installer-provisioned.adoc + +:_mod-docs-content-type: REFERENCE +[id="installation-gcp-config-yaml_{context}"] += Sample customized install-config.yaml file for GCP + +You can customize the `install-config.yaml` file to specify more details about your {product-title} cluster's platform or modify the values of the required parameters. + +[IMPORTANT] +==== +This sample YAML file is provided for reference only. You must obtain your `install-config.yaml` file by using the installation program and modify it. +==== + +[source,yaml] +---- +apiVersion: v1 <1> +baseDomain: example.com +pullSecret: '{"auths": ...}' +controlPlane: <2> + name: master + replicas: 3 + platform: + gcp: + type: n2-standard-4 +compute: <3> +- name: worker + replicas: 3 + platform: + gcp: + type: n2-standard-4 +metadata: + name: test-cluster +networking: <4> + clusterNetwork: + - cidr: 10.128.0.0/14 + hostPrefix: 23 +platform: <5> + gcp: + projectID: sample-project +---- +<1> Parameters at the first level of indentation apply to the cluster globally. +<2> The `controlPlane` stanza applies to control plane machines. +<3> The `compute` stanza applies to compute machines. +<4> The `networking` stanza applies to the cluster networking configuration. If you do not provide networking values, the installation program provides default values. +<5> The `platform` stanza applies to the infrastructure platform that hosts the cluster. \ No newline at end of file diff --git a/modules/installation-gcp-shared-vpc-config.adoc b/modules/installation-gcp-shared-vpc-config.adoc index 6c437902f367..92c2e96524e1 100644 --- a/modules/installation-gcp-shared-vpc-config.adoc +++ b/modules/installation-gcp-shared-vpc-config.adoc @@ -12,60 +12,19 @@ There are several configuration parameters which are required to install {produc This sample YAML file is provided for reference only. You must modify this file with the correct values for your environment and cluster. ==== +.Shared VPC parameters in `install-config.yaml` [source,yaml] ---- -apiVersion: v1 -baseDomain: example.com -credentialsMode: Passthrough <1> -metadata: - name: cluster_name platform: gcp: - computeSubnet: shared-vpc-subnet-1 <2> - controlPlaneSubnet: shared-vpc-subnet-2 <3> - network: shared-vpc <4> - networkProjectID: host-project-name <5> - projectID: service-project-name <6> - region: us-east1 - defaultMachinePlatform: - tags: <7> - - global-tag1 -controlPlane: - name: master - platform: - gcp: - tags: <7> - - control-plane-tag1 - type: n2-standard-4 - zones: - - us-central1-a - - us-central1-c - replicas: 3 -compute: -- name: worker - platform: - gcp: - tags: <7> - - compute-tag1 - type: n2-standard-4 - zones: - - us-central1-a - - us-central1-c - replicas: 3 -networking: - clusterNetwork: - - cidr: 10.128.0.0/14 - hostPrefix: 23 - machineNetwork: - - cidr: 10.0.0.0/16 -pullSecret: '{"auths": ...}' -sshKey: ssh-ed25519 AAAA... <8> + computeSubnet: shared-vpc-subnet-1 <1> + controlPlaneSubnet: shared-vpc-subnet-2 <2> + network: shared-vpc <3> + networkProjectID: host-project-name <4> + projectID: service-project-name <5> ---- -<1> `credentialsMode` must be set to `Passthrough` or `Manual`. See the "Prerequisites" section for the required {gcp-short} permissions that your service account must have. -<2> The name of the subnet in the shared VPC for compute machines to use. -<3> The name of the subnet in the shared VPC for control plane machines to use. -<4> The name of the shared VPC. -<5> The name of the host project where the shared VPC exists. -<6> The name of the {gcp-short} project where you want to install the cluster. -<7> Optional. One or more network tags to apply to compute machines, control plane machines, or all machines. -<8> You can optionally provide the `sshKey` value that you use to access the machines in your cluster. \ No newline at end of file +<1> The name of the subnet in the shared VPC for compute machines to use. +<2> The name of the subnet in the shared VPC for control plane machines to use. +<3> The name of the shared VPC. +<4> The name of the host project where the shared VPC exists. +<5> The name of the GCP project where you want to install the cluster. From 29986dfe49f08a9cdc100398a20101f9d92f7374 Mon Sep 17 00:00:00 2001 From: Ben Scott Date: Fri, 31 Oct 2025 08:33:41 -0400 Subject: [PATCH 2/4] Added region parameter --- modules/installation-gcp-config-yaml-simple.adoc | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/installation-gcp-config-yaml-simple.adoc b/modules/installation-gcp-config-yaml-simple.adoc index 0e2b0272adc2..ba29e4db117c 100644 --- a/modules/installation-gcp-config-yaml-simple.adoc +++ b/modules/installation-gcp-config-yaml-simple.adoc @@ -43,6 +43,7 @@ networking: <4> platform: <5> gcp: projectID: sample-project + region: us-east1 ---- <1> Parameters at the first level of indentation apply to the cluster globally. <2> The `controlPlane` stanza applies to control plane machines. From 3211bf45d38b8a83207df49b1a17a00620439858 Mon Sep 17 00:00:00 2001 From: Ben Scott Date: Wed, 4 Mar 2026 08:21:36 -0500 Subject: [PATCH 3/4] Clearing vale for two modules --- .../installation-gcp-config-yaml-simple.adoc | 26 +++++++++-------- .../installation-gcp-shared-vpc-config.adoc | 29 ++++++++++--------- 2 files changed, 30 insertions(+), 25 deletions(-) diff --git a/modules/installation-gcp-config-yaml-simple.adoc b/modules/installation-gcp-config-yaml-simple.adoc index ba29e4db117c..08728437a4a4 100644 --- a/modules/installation-gcp-config-yaml-simple.adoc +++ b/modules/installation-gcp-config-yaml-simple.adoc @@ -8,9 +8,10 @@ :_mod-docs-content-type: REFERENCE [id="installation-gcp-config-yaml_{context}"] -= Sample customized install-config.yaml file for GCP += Sample customized install-config.yaml file for {gcp-full} -You can customize the `install-config.yaml` file to specify more details about your {product-title} cluster's platform or modify the values of the required parameters. +[role="_abstract"] +To specify more details about your {product-title} cluster's platform or modify the values of the required parameters, you can customize the `install-config.yaml` file. [IMPORTANT] ==== @@ -19,16 +20,16 @@ This sample YAML file is provided for reference only. You must obtain your `inst [source,yaml] ---- -apiVersion: v1 <1> +apiVersion: v1 baseDomain: example.com pullSecret: '{"auths": ...}' -controlPlane: <2> +controlPlane: name: master replicas: 3 platform: gcp: type: n2-standard-4 -compute: <3> +compute: - name: worker replicas: 3 platform: @@ -36,17 +37,18 @@ compute: <3> type: n2-standard-4 metadata: name: test-cluster -networking: <4> +networking: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 -platform: <5> +platform: gcp: projectID: sample-project region: us-east1 ---- -<1> Parameters at the first level of indentation apply to the cluster globally. -<2> The `controlPlane` stanza applies to control plane machines. -<3> The `compute` stanza applies to compute machines. -<4> The `networking` stanza applies to the cluster networking configuration. If you do not provide networking values, the installation program provides default values. -<5> The `platform` stanza applies to the infrastructure platform that hosts the cluster. \ No newline at end of file +where: + +`controlPlane`:: Specifies parameters that apply to control plane machines. +`compute`:: Specifies parameters that apply to compute machines. +`networking`:: Specifies parameters that apply to the cluster networking configuration. If you do not provide networking values, the installation program provides default values. +`platform`:: Specifies parameters that apply to the infrastructure platform that hosts the cluster. \ No newline at end of file diff --git a/modules/installation-gcp-shared-vpc-config.adoc b/modules/installation-gcp-shared-vpc-config.adoc index 92c2e96524e1..69f6bf93f5d8 100644 --- a/modules/installation-gcp-shared-vpc-config.adoc +++ b/modules/installation-gcp-shared-vpc-config.adoc @@ -1,30 +1,33 @@ // This file is referenced in the following assembly: // installing/installing_gcp/installing-gcp-shared-vpc.adoc -:_mod-docs-content-type: PROCEDURE +:_mod-docs-content-type: REFERENCE [id="installation-gcp-shared-vpc-config_{context}"] = Sample customized install-config.yaml file for shared VPC installation +[role="_abstract"] There are several configuration parameters which are required to install {product-title} on {gcp-short} using a shared VPC. The following is a sample `install-config.yaml` file which demonstrates these fields. [IMPORTANT] ==== -This sample YAML file is provided for reference only. You must modify this file with the correct values for your environment and cluster. +This sample YAML snippet is provided for reference only. You must modify this file with the correct values for your environment and cluster. ==== -.Shared VPC parameters in `install-config.yaml` [source,yaml] ---- +# ... platform: gcp: - computeSubnet: shared-vpc-subnet-1 <1> - controlPlaneSubnet: shared-vpc-subnet-2 <2> - network: shared-vpc <3> - networkProjectID: host-project-name <4> - projectID: service-project-name <5> + computeSubnet: + controlPlaneSubnet: + network: + networkProjectID: + projectID: ---- -<1> The name of the subnet in the shared VPC for compute machines to use. -<2> The name of the subnet in the shared VPC for control plane machines to use. -<3> The name of the shared VPC. -<4> The name of the host project where the shared VPC exists. -<5> The name of the GCP project where you want to install the cluster. +where: + +``:: Specifies the name of the subnet in the shared VPC for compute machines to use. +``:: Specifies the name of the subnet in the shared VPC for control plane machines to use. +``:: Specifies the name of the shared VPC. +``:: Specifies the name of the host project where the shared VPC exists. +``:: Specifies the name of the project where you want to install the cluster. \ No newline at end of file From 1609da9ab05cf246d0bf67af4c346a35de72be05 Mon Sep 17 00:00:00 2001 From: Ben Scott Date: Wed, 4 Mar 2026 13:32:34 -0500 Subject: [PATCH 4/4] Modifying installation initializing module for private and xpn --- .../installing-gcp-shared-vpc.adoc | 2 -- .../installation-gcp-shared-vpc-config.adoc | 33 ------------------- modules/installation-initializing-manual.adoc | 27 +++++++++++++++ modules/installation-initializing.adoc | 8 +++-- modules/private-clusters-about-gcp.adoc | 3 +- 5 files changed, 34 insertions(+), 39 deletions(-) delete mode 100644 modules/installation-gcp-shared-vpc-config.adoc diff --git a/installing/installing_gcp/installing-gcp-shared-vpc.adoc b/installing/installing_gcp/installing-gcp-shared-vpc.adoc index d499456026e8..a281b0262f54 100644 --- a/installing/installing_gcp/installing-gcp-shared-vpc.adoc +++ b/installing/installing_gcp/installing-gcp-shared-vpc.adoc @@ -52,8 +52,6 @@ include::modules/installation-gcp-managing-dns-solution.adoc[leveloffset=+2] .Additional resources * xref:../../installing/installing_gcp/installation-config-parameters-gcp.adoc#installation-config-parameters-gcp[Installation configuration parameters for {gcp-first}] -include::modules/installation-gcp-shared-vpc-config.adoc[leveloffset=+2] - include::modules/installation-gcp-config-yaml-simple.adoc[leveloffset=+2] [role="_additional-resources"] diff --git a/modules/installation-gcp-shared-vpc-config.adoc b/modules/installation-gcp-shared-vpc-config.adoc deleted file mode 100644 index 69f6bf93f5d8..000000000000 --- a/modules/installation-gcp-shared-vpc-config.adoc +++ /dev/null @@ -1,33 +0,0 @@ -// This file is referenced in the following assembly: -// installing/installing_gcp/installing-gcp-shared-vpc.adoc - -:_mod-docs-content-type: REFERENCE -[id="installation-gcp-shared-vpc-config_{context}"] -= Sample customized install-config.yaml file for shared VPC installation - -[role="_abstract"] -There are several configuration parameters which are required to install {product-title} on {gcp-short} using a shared VPC. The following is a sample `install-config.yaml` file which demonstrates these fields. - -[IMPORTANT] -==== -This sample YAML snippet is provided for reference only. You must modify this file with the correct values for your environment and cluster. -==== - -[source,yaml] ----- -# ... -platform: - gcp: - computeSubnet: - controlPlaneSubnet: - network: - networkProjectID: - projectID: ----- -where: - -``:: Specifies the name of the subnet in the shared VPC for compute machines to use. -``:: Specifies the name of the subnet in the shared VPC for control plane machines to use. -``:: Specifies the name of the shared VPC. -``:: Specifies the name of the host project where the shared VPC exists. -``:: Specifies the name of the project where you want to install the cluster. \ No newline at end of file diff --git a/modules/installation-initializing-manual.adoc b/modules/installation-initializing-manual.adoc index 3fa15501a1f1..cda3e4b4b66d 100644 --- a/modules/installation-initializing-manual.adoc +++ b/modules/installation-initializing-manual.adoc @@ -127,6 +127,33 @@ $ mkdir You must create a directory. Some installation assets, such as bootstrap X.509 certificates have short expiration intervals, so you must not reuse an installation directory. If you want to reuse individual files from another cluster installation, you can copy them into your directory. However, the file names for the installation assets might change between releases. Use caution when copying installation files from an earlier {product-title} version. ==== +ifdef::gcp-private[] +. Edit the `install-config.yaml` file to set the `publish: Internal` parameter. +endif::gcp-private[] +ifdef::gcp-shared[] +. Edit the `install-config.yaml` file to set the parameters necessary for installation into a shared VPC. +.. Define the network, subnets, and project names for the shared VPC: ++ +[source,yaml] +---- +# ... +platform: + gcp: + computeSubnet: + controlPlaneSubnet: + network: + networkProjectID: + projectID: +---- +where: + +``:: Specifies the name of the subnet in the shared VPC for compute machines to use. +``:: Specifies the name of the subnet in the shared VPC for control plane machines to use. +``:: Specifies the name of the shared VPC. +``:: Specifies the name of the host project where the shared VPC exists. +``:: Specifies the name of the project where you want to install the cluster. +endif::gcp-shared[] + . Customize the provided sample `install-config.yaml` file template and save the file in the ``. ifdef::ibm-cloud-restricted[] + diff --git a/modules/installation-initializing.adoc b/modules/installation-initializing.adoc index 7904abaaf84e..c558e2e3b40d 100644 --- a/modules/installation-initializing.adoc +++ b/modules/installation-initializing.adoc @@ -587,9 +587,11 @@ ifdef::gcp+restricted[] + [source,yaml] ---- -network: -controlPlaneSubnet: -computeSubnet: +platform: + gcp: + network: + controlPlaneSubnet: + computeSubnet: ---- + For `platform.gcp.network`, specify the name for the existing Google VPC. For `platform.gcp.controlPlaneSubnet` and `platform.gcp.computeSubnet`, specify the existing subnets to deploy the control plane machines and compute machines, respectively. diff --git a/modules/private-clusters-about-gcp.adoc b/modules/private-clusters-about-gcp.adoc index 9280b8f3c7a6..11a097809345 100644 --- a/modules/private-clusters-about-gcp.adoc +++ b/modules/private-clusters-about-gcp.adoc @@ -6,7 +6,8 @@ [id="private-clusters-about-gcp_{context}"] = Private clusters in {gcp-short} -To create a private cluster on {gcp-first}, you must provide an existing private VPC and subnets to host the cluster. The installation program must also be able to resolve the DNS records that the cluster requires. The installation program configures the Ingress Operator and API server for only internal traffic. +[role="_abstract"] +To create a private cluster on {gcp-first}, you must provide an existing private VPC and subnets to host the cluster, and you must specify `publish: Internal` in your `install-config.yaml` file. The installation program must also be able to resolve the DNS records that the cluster requires. The installation program configures the Ingress Operator and API server for only internal traffic. The cluster still requires access to internet to access the {gcp-short} APIs.