📖 Documentation Update to Creating a ROSA HCP cluster directions #5920
tinaafitz wants to merge 6 commits into kubernetes-sigs:main
Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
[APPROVALNOTIFIER] This PR is NOT APPROVED. This pull-request has been approved by: The full list of commands accepted by this bot can be found here. Needs approval from an approver in each of these files: Approvers can indicate their approval by writing
Hi @tinaafitz. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Tip We noticed you've done this a few times! Consider joining the org to skip this step and gain Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
8f82392 to 818e792
…ong with examples for each.
c6eaab7 to 9afb9f1
|
|
||
| ## Authentication | ||
| The CAPA controller requires service account credentials to provision ROSA HCP clusters. | ||
| If you already have a service account, you can skip these steps. |
| If you already have a service account, you can skip these steps. | |
| **Note:** If you already have a service account, you can skip these steps. |
| rosaClusterName: rosa-hcp-1 | ||
| domainPrefix: rosa-hcp | ||
| rosaRoleConfigRef: | ||
| name: role-config |
| name: role-config | |
| name: role-config # reference to the ROSARoleConfig created above |
| version: "4.19.0" | ||
| region: "us-west-2" | ||
| rosaNetworkRef: | ||
| name: "rosa-vpc" |
| name: "rosa-vpc" | |
| name: "rosa-vpc" # reference to the ROSANetwork created above |
… and deletion steps
- Bold the service account skip note
- Add full resource headers (apiVersion, kind, metadata, spec) to ROSARoleConfig and ROSANetwork status examples
- Add inline comments to rosaRoleConfigRef and rosaNetworkRef for clarity
- Add example for creating an additional ROSAMachinePool (workers-extra)
- Add section for deleting a ROSA HCP cluster and cleaning up resources
| 1. Extract the OIDC provider from the management cluster and set your AWS account ID: | ||
|
|
||
| ```shell | ||
| export OIDC_PROVIDER=$(kubectl get authentication.config.openshift.io cluster -ojson | jq -r .spec.serviceAccountIssuer | sed 's/https:\/\///') |
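Review bot: the `export OIDC_PROVIDER=$(...)` line has no check that the lookup returned a usable value. `jq -r` prints the literal string `null` when `.spec.serviceAccountIssuer` is unset, and wrapping the pipeline in `export VAR=$(...)` discards its exit status, so a failed `kubectl get` leaves the variable empty or set to `null` without any error. Suggest adding a line right after the export that prints `$OIDC_PROVIDER` and tells the reader to stop if it is empty or `null` before continuing with the remaining steps.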
This is only for OpenShift, not Kubernetes in general.
| @@ -0,0 +1,86 @@ | |||
| # Specifying the IAM Role for ROSA HCP Management Components | |||
|
|
|||
| When using a management cluster (kind or minikube) with CAPI and CAPA installed, you can configure the CAPA controller to use IAM roles instead of storing AWS credentials. This uses OIDC federation to allow the CAPA controller service account to assume an IAM role. | |||
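Review bot: the parenthetical "(kind or minikube)" in the opening paragraph does not match the step quoted earlier in this conversation, which reads the issuer from `authentication.config.openshift.io`, an OpenShift resource. Suggest stating up front which management cluster types this procedure applies to, or giving the issuer lookup for each type named here, so readers on kind or minikube do not run a command that cannot succeed on their cluster.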
Let's mention that a rosa-hcp is the management cluster, or any cluster created using AWS credential.
- Add IAM Role Configuration section linking to specify-management-iam-role doc
- Reorder prerequisites: ROSA setup first, management cluster second
- Fix Authentication section formatting and numbering
- Add new specify-management-iam-role doc with step-by-step IAM role setup instructions
d911351 to cc9fec5
- Add ROSA and MachinePool feature gate requirements before clusterctl init
- Add note about rosa-creds-secret namespace matching resource namespace
- Add note about ROSARoleConfig prefix max length (4 characters)
- Update OpenShift version from 4.19.0 to 4.20.11 with version check hint
- Update Cluster and MachinePool API version from v1beta1 to v1beta2
cc9fec5 to f21d69f
/kind documentation