Chapter 3. Installation configuration parameters

The API version for the install-config.yaml content. The current version is v1. The installation program might also support older API versions.

Value: String

The base domain of your cloud provider. The base domain is used to create routes to your OpenShift Container Platform cluster components. The full DNS name for your cluster is a combination of the baseDomain and metadata.name parameter values that uses the <metadata.name>.<baseDomain> format.

Value: A fully-qualified domain or subdomain name, such as example.com.

Kubernetes resource ObjectMeta, from which only the name parameter is consumed.

Value: Object

The name of the cluster. DNS records for the cluster are all subdomains of {{.metadata.name}}.{{.baseDomain}}.

Value: String of lowercase letters, hyphens (-), and periods (.), such as dev.

The configuration for the specific platform upon which to perform the installation: aws, baremetal, azure, gcp, ibmcloud, nutanix, openstack, powervs, vsphere, or {}. For additional information about platform.<platform> parameters, consult the table for your specific platform that follows.

Value: Object

Get a pull secret from Red Hat OpenShift Cluster Manager to authenticate downloading container images for OpenShift Container Platform components from services such as Quay.io.

Value:

{
   "auths":{
      "cloud.openshift.com":{
         "auth":"b3Blb=",
         "email":"you@example.com"
      },
      "quay.io":{
         "auth":"b3Blb=",
         "email":"you@example.com"
      }
   }
}

The configuration for the cluster network.

Value: Object

The Red Hat OpenShift Networking network plugin to install.

Value:OVNKubernetes. OVNKubernetes is a Container Network Interface (CNI) plugin for Linux networks and hybrid networks that contain both Linux and Windows servers. The default value is OVNKubernetes.

The IP address blocks for pods.

The default value is 10.128.0.0/14 with a host prefix of /23.

If you specify multiple IP address blocks, the blocks must not overlap.

Value: An array of objects. For example:

networking:
  clusterNetwork:
  - cidr: 10.128.0.0/14
    hostPrefix: 23

Required if you use networking.clusterNetwork. An IP address block.

An IPv4 network.

The subnet prefix length to assign to each individual node. For example, if hostPrefix is set to 23 then each node is assigned a /23 subnet out of the given cidr. A hostPrefix value of 23 provides 510 (2^(32 - 23) - 2) pod IP addresses.

Value: A subnet prefix.

The default value is 23.

The IP address block for services. The default value is 172.30.0.0/16.

Value: An array with an IP address block in CIDR format. For example:

networking:
  serviceNetwork:
   - 172.30.0.0/16

The IP address blocks for machines.

If you specify multiple IP address blocks, the blocks must not overlap.

Value: An array of objects. For example:

networking:
  machineNetwork:
  - cidr: 10.0.0.0/16

Required if you use networking.machineNetwork. An IP address block. The default value is 10.0.0.0/16 for all platforms other than libvirt and IBM Power® Virtual Server. For libvirt, the default value is 192.168.126.0/24. For IBM Power® Virtual Server, the default value is 192.168.0.0/24.

Value: An IP network block in CIDR notation.

For example, 10.0.0.0/16.

Configures the IPv4 join subnet that is used internally by ovn-kubernetes. This subnet must not overlap with any other subnet that OpenShift Container Platform is using, including the node network. The size of the subnet must be larger than the number of nodes. You cannot change the value after installation.

Value: An IP network block in CIDR notation. The default value is 100.64.0.0/16.

A PEM-encoded X.509 certificate bundle that is added to the nodes' trusted certificate store. This trust bundle might also be used when a proxy has been configured.

Value: String

Controls the installation of optional core cluster components. You can reduce the footprint of your OpenShift Container Platform cluster by disabling optional components. For more information, see the "Cluster capabilities" page in Installing.

Value: String array

Selects an initial set of optional capabilities to enable. Valid values are None, v4.11, v4.12 and vCurrent. The default value is vCurrent.

Value: String

Extends the set of optional capabilities beyond what you specify in baselineCapabilitySet. You can specify multiple capabilities in this parameter.

Value: String array

Enables workload partitioning, which isolates OpenShift Container Platform services, cluster management workloads, and infrastructure pods to run on a reserved set of CPUs. You can only enable workload partitioning during installation. You cannot disable it after installation. While this field enables workload partitioning, it does not configure workloads to use specific CPUs. For more information, see the Workload partitioning page in the Scalability and Performance section.

Value: None or AllNodes. None is the default value.

The configuration for the machines that comprise the compute nodes.

Value: Array of MachinePool objects.

Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are amd64 (the default).

Value: String

Whether to enable or disable simultaneous multithreading, or hyperthreading, on compute machines. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores.

Value: Enabled or Disabled

Required if you use compute. The name of the machine pool.

Value: worker

Required if you use compute. Use this parameter to specify the cloud provider to host the worker machines. This parameter value must match the controlPlane.platform parameter value.

Value:aws, azure, gcp, ibmcloud, nutanix, openstack, powervs, vsphere, or {}

The number of compute machines, which are also known as worker machines, to provision.

Value: A positive integer greater than or equal to 2. The default value is 3.

Enables the cluster for a feature set. A feature set is a collection of OpenShift Container Platform features that are not enabled by default. For more information about enabling a feature set during installation, see "Enabling features using feature gates".

Value: String. The name of the feature set to enable, such as TechPreviewNoUpgrade.

The configuration for the machines that form the control plane.

Value: Array of MachinePool objects.

Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are amd64 (the default).

Value: String

Whether to enable or disable simultaneous multithreading, or hyperthreading, on control plane machines. By default, simultaneous multithreading is enabled to increase the performance of your machines' cores.

Value: Enabled or Disabled

Required if you use controlPlane. The name of the machine pool.

Value: master

Required if you use controlPlane. Use this parameter to specify the cloud provider that hosts the control plane machines. This parameter value must match the compute.platform parameter value.

Value:aws, azure, gcp, ibmcloud, nutanix, openstack, powervs, vsphere, or {}

The number of control plane machines to provision.

Value: Supported values are 3, or 1 when deploying single-node OpenShift.

The OpenShift Container Platform cluster requires a name for arbiter nodes. For example, arbiter.

The replicas parameter sets the number of arbiter nodes for the OpenShift Container Platform cluster. You cannot set this field to a value that is greater than 1.

The Cloud Credential Operator (CCO) mode. If no mode is specified, the CCO dynamically tries to determine the capabilities of the provided credentials, with a preference for mint mode on the platforms where multiple modes are supported.

Value: Mint, Passthrough, Manual or an empty string ("").

Enable or disable FIPS mode. The default is false (disabled). If you enable FIPS mode, the Red Hat Enterprise Linux CoreOS (RHCOS) machines that OpenShift Container Platform runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that RHCOS provides instead.

Value: false or true

The name parameter contains the name of the Private Service Connect (PSC) endpoints.

When you want the installation program to use the public API endpoints and cluster operators to use the API endpoint overrides, set clusterUseOnly to true. When you want both the installation program and the cluster operators to use the API endpoint overrides, for example if you are running the installation program from a bastion host that is within the same VPC where you want to deploy the cluster, set clusterUseOnly to false . The parameter is optional and defaults to false.

Value: String or boolean

Sources and repositories for the release-image content.

Value: Array of objects. Includes a source and, optionally, mirrors, as described in the following rows of this table.

Required if you use imageContentSources. Specify the repository that users refer to, for example, in image pull specifications.

Value: String

Specify one or more repositories that might also contain the same images.

Value: Array of strings

Specifies the image stream that will be used for all machines in the cluster. osImageStream is a Technology Preview feature. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

Value: String. Valid values are rhel-9 or rhel-10.

How to publish or expose the user-facing endpoints of your cluster, such as the Kubernetes API, OpenShift routes.

Value:Internal or External. The default value is External.

Setting this field to Internal is not supported on non-cloud platforms.

The SSH key to authenticate access to your cluster machines.

Value: For example, sshKey: ssh-ed25519 AAAA...