Chapter 7. Installation configuration parameters for Alibaba Cloud
Before you deploy an OpenShift Container Platform cluster on Alibaba Cloud, you provide parameters to customize your cluster and the platform that hosts it. When you create the install-config.yaml
file, you provide values for the required parameters through the command line. You can then modify the install-config.yaml
file to customize your cluster further.
7.1. Available installation configuration parameters for Alibaba Cloud
The following tables specify the required, optional, and Alibaba Cloud-specific installation configuration parameters that you can set as part of the installation process.
After installation, you cannot modify these parameters in the install-config.yaml
file.
7.1.1. Required configuration parameters
Required installation configuration parameters are described in the following table:
Parameter | Description | Values |
---|---|---|
apiVersion: |
The API version for the | String |
baseDomain: |
The base domain of your cloud provider. The base domain is used to create routes to your OpenShift Container Platform cluster components. The full DNS name for your cluster is a combination of the |
A fully-qualified domain or subdomain name, such as |
metadata: |
Kubernetes resource | Object |
metadata: name: |
The name of the cluster. DNS records for the cluster are all subdomains of |
String of lowercase letters, hyphens ( |
platform: |
The configuration for the specific platform upon which to perform the installation: | Object |
pullSecret: | Get a pull secret from Red Hat OpenShift Cluster Manager to authenticate downloading container images for OpenShift Container Platform components from services such as Quay.io. |
{ "auths":{ "cloud.openshift.com":{ "auth":"b3Blb=", "email":"you@example.com" }, "quay.io":{ "auth":"b3Blb=", "email":"you@example.com" } } } |
7.1.2. Network configuration parameters
You can customize your installation configuration based on the requirements of your existing network infrastructure. For example, you can expand the IP address block for the cluster network or provide different IP address blocks than the defaults.
Only IPv4 addresses are supported.
Globalnet is not supported with Red Hat OpenShift Data Foundation disaster recovery solutions. For regional disaster recovery scenarios, ensure that you use a nonoverlapping range of private IP addresses for the cluster and service networks in each cluster.
Parameter | Description | Values |
---|---|---|
networking: | The configuration for the cluster network. | Object Note
You cannot modify parameters specified by the |
networking: networkType: | The Red Hat OpenShift Networking network plugin to install. |
|
networking: clusterNetwork: | The IP address blocks for pods.
The default value is If you specify multiple IP address blocks, the blocks must not overlap. | An array of objects. For example: networking: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 |
networking: clusterNetwork: cidr: |
Required if you use An IPv4 network. |
An IP address block in Classless Inter-Domain Routing (CIDR) notation. The prefix length for an IPv4 block is between |
networking: clusterNetwork: hostPrefix: |
The subnet prefix length to assign to each individual node. For example, if | A subnet prefix.
The default value is |
networking: serviceNetwork: |
The IP address block for services. The default value is The OVN-Kubernetes network plugins supports only a single IP address block for the service network. | An array with an IP address block in CIDR format. For example: networking: serviceNetwork: - 172.30.0.0/16 |
networking: machineNetwork: | The IP address blocks for machines. If you specify multiple IP address blocks, the blocks must not overlap. | An array of objects. For example: networking: machineNetwork: - cidr: 10.0.0.0/16 |
networking: machineNetwork: cidr: |
Required if you use | An IP network block in CIDR notation.
For example, Note
Set the |
7.1.3. Optional configuration parameters
Optional installation configuration parameters are described in the following table:
Parameter | Description | Values |
---|---|---|
additionalTrustBundle: | A PEM-encoded X.509 certificate bundle that is added to the nodes' trusted certificate store. This trust bundle may also be used when a proxy has been configured. | String |
capabilities: | Controls the installation of optional core cluster components. You can reduce the footprint of your OpenShift Container Platform cluster by disabling optional components. For more information, see the "Cluster capabilities" page in Installing. | String array |
capabilities: baselineCapabilitySet: |
Selects an initial set of optional capabilities to enable. Valid values are | String |
capabilities: additionalEnabledCapabilities: |
Extends the set of optional capabilities beyond what you specify in | String array |
cpuPartitioningMode: | Enables workload partitioning, which isolates OpenShift Container Platform services, cluster management workloads, and infrastructure pods to run on a reserved set of CPUs. Workload partitioning can only be enabled during installation and cannot be disabled after installation. While this field enables workload partitioning, it does not configure workloads to use specific CPUs. For more information, see the Workload partitioning page in the Scalability and Performance section. |
|
compute: | The configuration for the machines that comprise the compute nodes. |
Array of |
compute: architecture: |
Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are | String |
compute: hyperthreading: |
Whether to enable or disable simultaneous multithreading, or Important If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. |
|
compute: name: |
Required if you use |
|
compute: platform: |
Required if you use |
|
compute: replicas: | The number of compute machines, which are also known as worker machines, to provision. |
A positive integer greater than or equal to |
featureSet: | Enables the cluster for a feature set. A feature set is a collection of OpenShift Container Platform features that are not enabled by default. For more information about enabling a feature set during installation, see "Enabling features using feature gates". |
String. The name of the feature set to enable, such as |
controlPlane: | The configuration for the machines that comprise the control plane. |
Array of |
controlPlane: architecture: |
Determines the instruction set architecture of the machines in the pool. Currently, clusters with varied architectures are not supported. All pools must specify the same architecture. Valid values are | String |
controlPlane: hyperthreading: |
Whether to enable or disable simultaneous multithreading, or Important If you disable simultaneous multithreading, ensure that your capacity planning accounts for the dramatically decreased machine performance. |
|
controlPlane: name: |
Required if you use |
|
controlPlane: platform: |
Required if you use |
|
controlPlane: replicas: | The number of control plane machines to provision. |
Supported values are |
credentialsMode: | The Cloud Credential Operator (CCO) mode. If no mode is specified, the CCO dynamically tries to determine the capabilities of the provided credentials, with a preference for mint mode on the platforms where multiple modes are supported. |
|
fips: |
Enable or disable FIPS mode. The default is Important To enable FIPS mode for your cluster, you must run the installation program from a Red Hat Enterprise Linux (RHEL) computer configured to operate in FIPS mode. For more information about configuring FIPS mode on RHEL, see Installing the system in FIPS mode. When running Red Hat Enterprise Linux (RHEL) or Red Hat Enterprise Linux CoreOS (RHCOS) booted in FIPS mode, OpenShift Container Platform core components use the RHEL cryptographic libraries that have been submitted to NIST for FIPS 140-2/140-3 Validation on only the x86_64, ppc64le, and s390x architectures. Note If you are using Azure File storage, you cannot enable FIPS mode. |
|
imageContentSources: | Sources and repositories for the release-image content. |
Array of objects. Includes a |
imageContentSources: source: |
Required if you use | String |
imageContentSources: mirrors: | Specify one or more repositories that may also contain the same images. | Array of strings |
publish: | How to publish or expose the user-facing endpoints of your cluster, such as the Kubernetes API, OpenShift routes. |
Setting this field to Important
If the value of the field is set to |
sshKey: | The SSH key to authenticate access to your cluster machines. Note
For production OpenShift Container Platform clusters on which you want to perform installation debugging or disaster recovery, specify an SSH key that your |
For example, |
- Not all CCO modes are supported for all cloud providers. For more information about CCO modes, see the "Managing cloud provider credentials" entry in the Authentication and authorization content.
7.1.4. Additional Alibaba Cloud configuration parameters
Additional Alibaba Cloud configuration parameters are described in the following table. The alibabacloud
parameters are the configuration used when installing on Alibaba Cloud. The defaultMachinePlatform
parameters are the default configuration used when installing on Alibaba Cloud for machine pools that do not define their own platform configuration.
These parameters apply to both compute machines and control plane machines where specified.
If defined, the parameters compute.platform.alibabacloud
and controlPlane.platform.alibabacloud
will overwrite platform.alibabacloud.defaultMachinePlatform
settings for compute machines and control plane machines respectively.
Parameter | Description | Values |
---|---|---|
compute: platform: alibabacloud: imageID: | The imageID used to create the ECS instance. ImageID must belong to the same region as the cluster. | String. |
compute: platform: alibabacloud: instanceType: |
InstanceType defines the ECS instance type. Example: | String. |
compute: platform: alibabacloud: systemDiskCategory: |
Defines the category of the system disk. Examples: | String. |
compute: platform: alibabacloud: systemDisksize: | Defines the size of the system disk in gibibytes (GiB). | Integer. |
compute: platform: alibabacloud: zones: |
The list of availability zones that can be used. Examples: | String list. |
controlPlane: platform: alibabacloud: imageID: | The imageID used to create the ECS instance. ImageID must belong to the same region as the cluster. | String. |
controlPlane: platform: alibabacloud: instanceType: |
InstanceType defines the ECS instance type. Example: | String. |
controlPlane: platform: alibabacloud: systemDiskCategory: |
Defines the category of the system disk. Examples: | String. |
controlPlane: platform: alibabacloud: systemDisksize: | Defines the size of the system disk in gibibytes (GiB). | Integer. |
controlPlane: platform: alibabacloud: zones: |
The list of availability zones that can be used. Examples: | String list. |
platform: alibabacloud: region: | Required. The Alibaba Cloud region where the cluster will be created. | String. |
platform: alibabacloud: resourceGroupID: | The ID of an already existing resource group where the cluster will be installed. If empty, the installation program will create a new resource group for the cluster. | String. |
platform: alibabacloud: tags: | Additional keys and values to apply to all Alibaba Cloud resources created for the cluster. | Object. |
platform: alibabacloud: vpcID: | The ID of an already existing VPC where the cluster should be installed. If empty, the installation program will create a new VPC for the cluster. | String. |
platform: alibabacloud: vswitchIDs: | The ID list of already existing VSwitches where cluster resources will be created. The existing VSwitches can only be used when also using existing VPC. If empty, the installation program will create new VSwitches for the cluster. | String list. |
platform: alibabacloud: defaultMachinePlatform: imageID: | For both compute machines and control plane machines, the image ID that should be used to create ECS instance. If set, the image ID should belong to the same region as the cluster. | String. |
platform: alibabacloud: defaultMachinePlatform: instanceType: |
For both compute machines and control plane machines, the ECS instance type used to create the ECS instance. Example: | String. |
platform: alibabacloud: defaultMachinePlatform: systemDiskCategory: |
For both compute machines and control plane machines, the category of the system disk. Examples: |
String, for example "", |
platform: alibabacloud: defaultMachinePlatform: systemDiskSize: |
For both compute machines and control plane machines, the size of the system disk in gibibytes (GiB). The minimum is | Integer. |
platform: alibabacloud: defaultMachinePlatform: zones: |
For both compute machines and control plane machines, the list of availability zones that can be used. Examples: | String list. |
platform: alibabacloud: privateZoneID: | The ID of an existing private zone into which to add DNS records for the cluster’s internal API. An existing private zone can only be used when also using existing VPC. The private zone must be associated with the VPC containing the subnets. Leave the private zone unset to have the installation program create the private zone on your behalf. | String. |