Chapter 7. Creating a cluster
Learn how to create Red Hat OpenShift Container Platform clusters across cloud providers with Red Hat Advanced Cluster Management for Kubernetes.
7.1. Creating a cluster on Amazon Web Services
You can use the Red Hat Advanced Cluster Management for Kubernetes console to create a Red Hat OpenShift Container Platform cluster on Amazon Web Services (AWS).
7.1.1. Prerequisites
You must have the following prerequisites before creating a cluster on AWS:
- A deployed Red Hat Advanced Cluster Management for Kubernetes hub cluster
- Internet access for your Red Hat Advanced Cluster Management for Kubernetes hub cluster so it can create the Kubernetes cluster on Amazon Web Services
- AWS provider connection. See Creating a provider connection for Amazon Web Services for more information.
- A configured domain in AWS. See Configuring an AWS account for instructions on how to configure a domain.
- Amazon Web Services (AWS) login credentials, which include user name, password, access key ID, and secret access key. See Understanding and Getting Your Security Credentials.
- An OpenShift Container Platform image pull secret. See Using image pull secrets.
Note: If you change your cloud provider access key, you must manually update the provisioned cluster access key. For more information, see the known issue, Automatic secret updates for provisioned clusters is not supported.
7.1.2. Creating your cluster with the Red Hat Advanced Cluster Management for Kubernetes console
To create clusters from the Red Hat Advanced Cluster Management for Kubernetes console, complete the following steps:
- From the navigation menu, navigate to Automate infrastructure > Clusters.
- On the Clusters page, click Add Cluster.
- Select Create a cluster.
  Note: This procedure is for creating a cluster. If you have an existing cluster that you want to import, see Importing a target managed cluster to the hub cluster for those steps.
- Enter a name for your cluster. This name is used in the hostname of the cluster.
  Tip: You can view the yaml content updates as you enter the information in the console by setting the YAML switch to ON.
- Select Amazon Web Services for the infrastructure provider.
- Specify a Release image that you want to use for the cluster. This identifies the version of the OpenShift Container Platform image that is used to create the cluster. If the version that you want to use is available, you can select the image from the list of images. If the image that you want to use is not a standard image, you can enter the URL to the image that you want to use. See Release images for more information about release images.
- Select your provider connection from the available connections on the list. If you do not have one configured, or want to configure a new one, select Add connection. See Creating a provider connection for Amazon Web Services for more information about creating a provider connection.
- Add the Additional Labels that you want to associate with your cluster. These labels help to identify the cluster and limit search results.
- Configure the Node pools for your cluster.
  The node pools define the location and size of the nodes that are used for your cluster.
  The Region specifies where the nodes are located geographically. A closer region might provide faster performance, but a more distant region might be more distributed.
  - Master pool: There are three Master nodes that are created for your cluster in the master pool. The master nodes share the management of the cluster activity. You can select multiple zones within the region for a more distributed group of master nodes. You can change the type and size of your instance after it is created, but you can also specify it in this section. The default values are mx5.xlarge - 4 vCPU, 16 GiB RAM - General Purpose with 100 GiB of root storage.
  - Worker pools: You can create zero or more worker nodes in a worker pool to run the container workloads for the cluster. They can be in a single worker pool, or distributed across multiple worker pools. If zero worker nodes are specified, the master nodes also function as worker nodes.
- Configure the cluster networking options that are necessary. Enter the base DNS information that you configured for your AWS account. If there is already a base domain associated with the selected provider connection, that value is populated in that field. You can change the value by overwriting it. See Configuring an AWS account for more information. This name is used in the hostname of the cluster.
- Optional: Configure a label for the cluster.
- Click Create. You can view your cluster details after the create and import process is complete.
  Note: You do not have to run the kubectl command that is provided with the cluster details to import the cluster. When you create the cluster, it is automatically configured under the management of Red Hat Advanced Cluster Management.
7.1.3. Accessing your cluster
To access a cluster that is managed by Red Hat Advanced Cluster Management for Kubernetes, complete the following steps:
- From the Red Hat Advanced Cluster Management navigation menu, navigate to Automate infrastructure > Clusters.
- Select the name of the cluster that you created or want to access. The cluster details are displayed.
- Select Reveal credentials to view the user name and password for the cluster. Note these values to use when you log in to the cluster.
- Select Console URL to link to the cluster.
- Log in to the cluster by using the user ID and password that you found in step 3.
- Select Actions > Launch to cluster for the cluster that you want to access.
Tip: If you already know the login credentials, you can access the cluster by selecting Actions > Launch to cluster for the cluster that you want to access.
7.2. Creating a cluster on Microsoft Azure
You can use the Red Hat Advanced Cluster Management for Kubernetes console to deploy a Red Hat OpenShift Container Platform cluster on Microsoft Azure.
7.2.1. Prerequisites
You must have the following prerequisites before creating a cluster on Azure:
- A deployed Red Hat Advanced Cluster Management for Kubernetes hub cluster
- Internet access for your Red Hat Advanced Cluster Management for Kubernetes hub cluster so it can create the Kubernetes cluster on Azure
- Azure provider connection. See Creating a provider connection for Microsoft Azure for more information.
- A configured domain in Azure. See Configuring a custom domain name for an Azure cloud service for instructions on how to configure a domain.
- Azure login credentials, which include user name and password. See azure.microsoft.com.
- Azure service principals, which include clientId, clientSecret, and tenantId. See azure.microsoft.com.
- An OpenShift Container Platform image pull secret. See Using image pull secrets.
Note: If you change your cloud provider access key, you must manually update the provisioned cluster access key. For more information, see the known issue, Automatic secret updates for provisioned clusters is not supported.
7.2.2. Creating your cluster with the Red Hat Advanced Cluster Management for Kubernetes console
To create clusters from the Red Hat Advanced Cluster Management for Kubernetes console, complete the following steps:
- From the navigation menu, navigate to Automate infrastructure > Clusters.
- On the Clusters page, click Add Cluster.
- Select Create a cluster.
  Note: This procedure is for creating a cluster. If you have an existing cluster that you want to import, see Importing a target managed cluster to the hub cluster for those steps.
- Enter a name for your cluster. This name is used in the hostname of the cluster.
  Tip: You can view the yaml content updates as you enter the information in the console by setting the YAML switch to ON.
- Select Microsoft Azure for the infrastructure provider.
- Specify a Release image that you want to use for the cluster. This identifies the version of the OpenShift Container Platform image that is used to create the cluster. If the version that you want to use is available, you can select the image from the list of images. If the image that you want to use is not a standard image, you can enter the URL to the image that you want to use. See Release images for more information about release images.
- Select your provider connection from the available connections on the list. If you do not have one configured, or want to configure a new one, select Add connection. See Creating a provider connection for Microsoft Azure for more information about creating a provider connection.
- Add the Additional Labels that you want to associate with your cluster. These labels help to identify the cluster and limit search results.
- Configure the Node pools for your cluster.
  The node pools define the location and size of the nodes that are used for your cluster.
  The Region specifies where the nodes are located geographically. A closer region might provide faster performance, but a more distant region might be more distributed.
  - Master pool: There are three Master nodes that are created for your cluster in the master pool. The master nodes share the management of the cluster activity. You can select multiple zones within the region for a more distributed group of master nodes. You can change the type and size of your instance after it is created, but you can also specify it in this section. The default values are Standard_D4s_v3 - 4 vCPU, 16 GiB RAM - General Purpose with 128 GiB of root storage.
  - Worker pools: You can create zero or more worker nodes in a worker pool to run the container workloads for the cluster. They can be in a single worker pool, or distributed across multiple worker pools. If zero worker nodes are specified, the master nodes also function as worker nodes.
- Configure the cluster networking options that are necessary.
  Enter the base DNS information that you configured for your Azure account. If there is already a base DNS associated with the selected provider connection, that value is populated in that field. You can change the value by overwriting it. See Configuring a custom domain name for an Azure cloud service for more information. This name is used in the hostname of the cluster.
- Optional: Configure a label for the cluster.
- Click Create. You can view your cluster details after the create and import process is complete.
  Note: You do not have to run the kubectl command that is provided with the cluster details to import the cluster. When you create the cluster, it is automatically configured under the management of Red Hat Advanced Cluster Management for Kubernetes.
7.2.3. Accessing your cluster
To access a cluster that is managed by Red Hat Advanced Cluster Management for Kubernetes, complete the following steps:
- From the Red Hat Advanced Cluster Management for Kubernetes navigation menu, navigate to Automate infrastructure > Clusters.
- Select the name of the cluster that you created or want to access. The cluster details are displayed.
- Select Reveal credentials to view the user name and password for the cluster. Note these values to use when you log in to the cluster.
- Select Console URL to link to the cluster.
- Log in to the cluster by using the user ID and password that you found in step 3.
- Select Actions > Launch to cluster for the cluster that you want to access.
Tip: If you already know the login credentials, you can access the cluster by selecting Actions > Launch to cluster for the cluster that you want to access.
7.3. Creating a cluster on Google Cloud Platform
Follow the procedure to create a Red Hat OpenShift Container Platform cluster on Google Cloud Platform (GCP). For more information about Google Cloud Platform, see Google Cloud Platform.
7.3.1. Prerequisites
You must have the following prerequisites before creating a cluster on GCP:
- A deployed Red Hat Advanced Cluster Management for Kubernetes hub cluster
- Internet access for your Red Hat Advanced Cluster Management for Kubernetes hub cluster so it can create the Kubernetes cluster on GCP
- GCP provider connection. See Creating a provider connection for Google Cloud Platform for more information.
- A configured domain in GCP. See Setting up a custom domain for instructions on how to configure a domain.
- GCP login credentials, which include user name and password.
- An OpenShift Container Platform image pull secret. See Using image pull secrets.
Note: If you change your cloud provider access key, you must manually update the provisioned cluster access key. For more information, see the known issue, Automatic secret updates for provisioned clusters is not supported.
7.3.2. Creating your cluster with the Red Hat Advanced Cluster Management for Kubernetes console
To create clusters from the Red Hat Advanced Cluster Management for Kubernetes console, complete the following steps:
- From the navigation menu, navigate to Automate infrastructure > Clusters.
- On the Clusters page, click Add Cluster.
- Select Create a cluster.
  Note: This procedure is for creating a cluster. If you have an existing cluster that you want to import, see Importing a target managed cluster to the hub cluster for those steps.
- Enter a name for your cluster. This name is used in the hostname of the cluster. There are some restrictions that apply to naming your GCP cluster. These restrictions include not beginning the name with goog or containing a group of letters and numbers that resemble google anywhere in the name. See Bucket naming guidelines for the complete list of restrictions.
  Tip: You can view the yaml content updates as you enter the information in the console by setting the YAML switch to ON.
- Select Google Cloud for the infrastructure provider.
- Specify a Release image that you want to use for the cluster. This identifies the version of the OpenShift Container Platform image that is used to create the cluster. If the version that you want to use is available, you can select the image from the list of images. If the image that you want to use is not a standard image, you can enter the URL to the image that you want to use. See Release images for more information about release images.
- Select your provider connection from the available connections on the list. If you do not have one configured, or want to configure a new one, select Add connection. See Creating a provider connection for Google Cloud Platform for more information about creating a provider connection.
- Add the Additional Labels that you want to associate with your cluster. These labels help to identify the cluster and limit search results.
- Configure the Node pools for your cluster.
  The node pools define the location and size of the nodes that are used for your cluster.
  The Region specifies where the nodes are located geographically. A closer region might provide faster performance, but a more distant region might be more distributed.
  - Master pool: There are three Master nodes that are created for your cluster in the master pool. The master nodes share the management of the cluster activity. You can select multiple zones within the region for a more distributed group of master nodes. You can change the type and size of your instance after it is created, but you can also specify it in this section. The default values are n1-standard-1 - n1-standard-1 1 vCPU - General Purpose with 500 GiB of root storage.
  - Worker pools: You can create zero or more worker nodes in a worker pool to run the container workloads for the cluster. They can be in a single worker pool, or distributed across multiple worker pools. If zero worker nodes are specified, the master nodes also function as worker nodes.
- Configure the cluster networking options that are necessary.
  Enter the base DNS information that you configured for your Google Cloud Platform account. If there is already a base DNS that is associated with the selected provider connection, that value is populated in that field. You can change the value by overwriting it. See Setting up a custom domain for more information. This name is used in the hostname of the cluster.
- Optional: Configure a label for the cluster.
- Click Create.
  You can view your cluster details after the create and import process is complete.
  Note: You do not have to run the kubectl command that is provided with the cluster details to import the cluster. When you create the cluster, it is automatically configured under the management of Red Hat Advanced Cluster Management for Kubernetes.
7.3.3. Accessing your cluster
To access a cluster that is managed by Red Hat Advanced Cluster Management for Kubernetes, complete the following steps:
- From the Red Hat Advanced Cluster Management for Kubernetes navigation menu, navigate to Automate infrastructure > Clusters.
- Select the name of the cluster that you created or want to access. The cluster details are displayed.
- Select Reveal credentials to view the user name and password for the cluster. Note these values to use when you log in to the cluster.
- Select Console URL to link to the cluster.
- Log in to the cluster by using the user ID and password that you found in step 3.
- Select Actions > Launch to cluster for the cluster that you want to access.
Tip: If you already know the login credentials, you can access the cluster by selecting Actions > Launch to cluster for the cluster that you want to access.
7.4. Creating a cluster on VMware vSphere
You can use the Red Hat Advanced Cluster Management for Kubernetes console to deploy a Red Hat OpenShift Container Platform cluster on VMware vSphere.
7.4.1. Prerequisites
You must have the following prerequisites before creating a cluster on vSphere:
- A Red Hat Advanced Cluster Management hub cluster that is deployed on OpenShift Container Platform version 4.5, or later.
- Internet access for your Red Hat Advanced Cluster Management hub cluster so it can create the Kubernetes cluster on vSphere.
- vSphere provider connection. See Creating a provider connection for VMware vSphere for more information.
- A Red Hat OpenShift image pull secret. See Using image pull secrets.
- The following information for the VMware instance where you are deploying:
  - Required static IP addresses for API and Ingress instances.
  - DNS records for:
    - api.<cluster_name>.<base_domain> which must point to the static API VIP.
    - *.apps.<cluster_name>.<base_domain> which must point to the static IP address for Ingress VIP.
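A pre-flight check for the two DNS records listed above, as an added example that is not part of the Red Hat documentation. The function names, the probe label test under the wildcard, and the sample cluster name, domain and addresses are assumptions constructed for illustration.

```python
import ipaddress
import socket


def system_resolver(hostname):
    """Resolve a hostname with the operating system resolver; empty set on failure."""
    try:
        infos = socket.getaddrinfo(hostname, None)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def static_resolver(zone):
    """Build a resolver backed by a dict, so the check can run offline."""
    return lambda hostname: set(zone.get(hostname, ()))


def check_cluster_dns(cluster_name, base_domain, api_vip, ingress_vip,
                      resolve=system_resolver):
    """Return a list of problems; an empty list means both records match the VIPs."""
    expected = {
        f"api.{cluster_name}.{base_domain}": api_vip,
        # A wildcard record cannot be queried by its literal name, so probe an
        # arbitrary label underneath *.apps (the label "test" is an assumption).
        f"test.apps.{cluster_name}.{base_domain}": ingress_vip,
    }
    problems = []
    for hostname, vip in expected.items():
        want = {ipaddress.ip_address(vip)}
        got = {ipaddress.ip_address(answer) for answer in resolve(hostname)}
        if not got:
            problems.append(f"{hostname} does not resolve")
        elif got != want:
            found = ", ".join(sorted(str(address) for address in got))
            problems.append(f"{hostname} resolves to {found}, expected {vip}")
    return problems


# Constructed sample data: documentation-range addresses and an example domain.
SAMPLE_API_VIP = "192.0.2.10"
SAMPLE_INGRESS_VIP = "192.0.2.11"
SAMPLE_ZONE = {
    "api.demo.example.com": [SAMPLE_API_VIP],
    "test.apps.demo.example.com": [SAMPLE_INGRESS_VIP],
}

if __name__ == "__main__":
    issues = check_cluster_dns("demo", "example.com",
                               SAMPLE_API_VIP, SAMPLE_INGRESS_VIP,
                               resolve=static_resolver(SAMPLE_ZONE))
    print(issues or "DNS records match the API and Ingress VIPs")
```

Drop the resolve argument to query the resolver of the machine that runs the check.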
7.4.2. Creating your cluster with the Red Hat Advanced Cluster Management for Kubernetes console
To create clusters from the Red Hat Advanced Cluster Management console, complete the following steps:
- From the navigation menu, navigate to Automate infrastructure > Clusters.
- On the Clusters page, click Add Cluster.
- Select Create a cluster.
  Note: This procedure is for creating a cluster. If you have an existing cluster that you want to import, see Importing a target managed cluster to the hub cluster for those steps.
- Enter a name for your cluster. This name is used in the hostname of the cluster.
  Note: This value must match the name that you used to create the DNS records listed in the provider connection prerequisites section.
  Tip: You can view the yaml content updates as you enter the information in the console by setting the YAML switch to ON.
- Select VMware vSphere for the infrastructure provider.
- Specify a Release image that you want to use for the cluster. This identifies the version of the OpenShift Container Platform image that is used to create the cluster. If the version that you want to use is available, you can select the image from the list of images. If the image that you want to use is not a standard image, you can enter the URL of the image that you want to use. See Release images for more information. Note: Only release images for OpenShift Container Platform versions 4.5.x and higher are supported.
- Select your provider connection from the available connections on the list. If you do not have one configured, or want to configure a new one, select Add connection. See Creating a provider connection for more information about creating a provider connection.
- Enter the base domain information that you configured for your vSphere account. If there is already a base domain associated with the selected provider connection, that value is populated in that field. You can change the value by overwriting it. Note: This value must match the name that you used to create the DNS records listed in the prerequisites section. This name is used in the hostname of the cluster.
- Add the Additional Labels that you want to associate with your cluster. These labels help to identify the cluster and limit search results.
- Configure the Node pools for your cluster.
  The node pools define the location and size of the nodes that are used for your cluster.
  You can create one or more worker nodes in a worker pool to run the container workloads for the cluster. They can be in a single worker pool, or distributed across multiple worker pools.
- Configure the cluster networking options, which are shown in the following list:
  - vSphere network name - The VMware vSphere network name.
  - API VIP - The IP address to use for internal API communication. Note: This value must match the name that you used to create the DNS records listed in the prerequisites section. If not provided, the DNS must be pre-configured so that api. resolves correctly.
  - Ingress VIP - The IP address to use for ingress traffic. Note: This value must match the name that you used to create the DNS records listed in the prerequisites section. If not provided, the DNS must be pre-configured so that test.apps. resolves correctly.
- Optional: Configure a label for the cluster.
- Click Create. You can view your cluster details after the create and import process is complete.
  Note: When you create the cluster, it is automatically configured under the management of Red Hat Advanced Cluster Management. You do not have to run the kubectl command that is provided with the cluster details to import the cluster.
7.4.3. Accessing your cluster
To access a cluster that is managed by Red Hat Advanced Cluster Management, complete the following steps:
- If you already know the login credentials, you can access the cluster by selecting the Options menu for the cluster, and selecting Launch to cluster.
If you do not know the login credentials:
- From the Red Hat Advanced Cluster Management navigation menu, navigate to Automate infrastructure > Clusters.
- Select the name of the cluster that you created or want to access. The cluster details are displayed.
- Select Reveal credentials to view the user name and password for the cluster. Use these values when you log in to the cluster.
- Select Console URL to link to the cluster.
- Log in to the cluster by using the user ID and password that you found in step 3.
- Select Actions > Launch to cluster for the cluster that you want to access.
Tip: If you already know the login credentials, you can access the cluster by selecting Actions > Launch to cluster for the cluster that you want to access.
7.5. Creating a cluster on bare metal
You can use the Red Hat Advanced Cluster Management for Kubernetes console to create a Red Hat OpenShift Container Platform cluster in a bare metal environment.
7.5.1. Prerequisites
You need the following prerequisites before creating a cluster in a bare metal environment:
- A deployed Red Hat Advanced Cluster Management for Kubernetes hub cluster on OpenShift Container Platform version 4.5, or later.
- Internet access for your Red Hat Advanced Cluster Management for Kubernetes hub cluster (connected) or a connection to an internal or mirror registry that has a connection to the Internet (disconnected) to retrieve the required images for creating the cluster.
- A temporary external KVM host that runs a bootstrap virtual machine, which is used to create a Hive cluster. See Preparing a provisioning host for more information.
- Your bare metal server login credentials, which include the libvirt URI from the bootstrap virtual machine in the previous item, the SSH Private Key, and a list of SSH known hosts. See Setting up the environment for an OpenShift installation for more information.
- Bare metal provider connection; see Creating a provider connection for bare metal for more information.
- Login credentials for your bare metal environment, which include user name, password, and Baseboard Management Controller Address.
- A configured bare metal asset, if you are enabling certificate verification. See Creating and modifying bare metal assets for more information.
- An OpenShift Container Platform image pull secret; see Using image pull secrets.
Notes:
- The bare metal asset, managed bare metal cluster, and its related secret must be in the same namespace.
- If you change your cloud provider access key, you must manually update the provisioned cluster access key. For more information, see the known issue, Automatic secret updates for provisioned clusters is not supported.
7.5.2. Creating your cluster with the Red Hat Advanced Cluster Management console
To create clusters from the Red Hat Advanced Cluster Management console, complete the following steps:
- From the navigation menu, navigate to Automate infrastructure > Clusters.
- On the Clusters page, click Add Cluster.
- Select Create a cluster.
  Note: This procedure is for creating a cluster. If you have an existing cluster that you want to import, see Importing a target managed cluster to the hub cluster for those steps.
- Enter a name for your cluster. For a bare metal cluster, this name cannot be an arbitrary name. It is associated with the cluster URL. Make sure that the cluster name that you use is consistent with your DNS and network setup.
  Tip: You can view the yaml content updates as you enter the information in the console by setting the YAML switch to ON.
- Select Bare Metal for the infrastructure provider.
- Specify a Release image that you want to use for the cluster. This identifies the version of the Red Hat OpenShift Container Platform image that is used to create the cluster. If the version that you want to use is available, you can select the image from the list of images. If the image that you want to use is not a standard image, you can enter the URL to the image that you want to use. See Release images for more information about release images.
- Select your provider connection from the available connections on the list. If you do not have one configured, or want to configure a new one, select Add connection. See Creating a provider connection for bare metal for more information about creating a provider connection.
- Optional: Configure additional labels for the cluster.
- Select your hosts from the list of hosts that are associated with your provider connection. Select a minimum of three assets that are on the same bridge networks as the hypervisor.
  The list of hosts is compiled from the existing Bare Metal Assets. If you do not have any Bare Metal Assets created, then you can create or import them before you continue with the creation process. Alternatively, you can select Disable certificate verification to bypass the requirement.
- Configure the cluster networking options.

| Parameter | Description | Required or Optional |
| --- | --- | --- |
| Base DNS domain | The base domain of your provider, which is used to create routes to your Red Hat OpenShift Container Platform cluster components. It is configured in your cluster provider’s DNS as a Start of Authority (SOA) record. This setting cannot be changed after the cluster is created. | Required |
| Network type | The pod network provider plug-in to deploy. Only the OpenShiftSDN plug-in is supported on OpenShift Container Platform 4.3. The OVNKubernetes plug-in is available as a technical preview on OpenShift Container Platform versions 4.3, 4.4, and 4.5. It is generally available on OpenShift Container Platform version 4.6, and later. OVNKubernetes must be used with IPv6. The default value is OpenShiftSDN. | Required |
| Cluster network CIDR | A block of IP addresses from which pod IP addresses are allocated. The OpenShiftSDN network plug-in supports multiple cluster networks. The address blocks for multiple cluster networks must not overlap. Select address pools large enough to fit your anticipated workload. The default value is 10.128.0.0/14. | Required |
| Network host prefix | The subnet prefix length to assign to each individual node. For example, if hostPrefix is set to 23, then each node is assigned a /23 subnet out of the given CIDR, allowing for 510 (2^(32-23)-2) pod IP addresses. The default is 23. | Required |
| Service network CIDR | A block of IP addresses for services. OpenShiftSDN allows only one serviceNetwork block. The address must not overlap any other network block. The default value is 172.30.0.0/16. | Required |
| Machine CIDR | A block of IP addresses used by the OpenShift Container Platform hosts. The address block must not overlap any other network block. The default value is 10.0.0.0/16. | Required |
| Provisioning network CIDR | The CIDR for the network to use for provisioning. The example format is: 172.30.0.0/16. | Required |
| Provisioning network interface | The name of the network interface on the control plane nodes that are connected to the provisioning network. | Required |
| Provisioning network bridge | The name of the bridge on the hypervisor that is attached to the provisioning network. | Required |
| External network bridge | The name of the bridge of the hypervisor that is attached to the external network. | Required |
| DNS VIP | The Virtual IP to use for internal DNS communication. This parameter only applies to OpenShift Container Platform versions 4.4, and earlier. | Required for OpenShift Container Platform versions 4.4, and earlier. |
| API VIP | The Virtual IP to use for internal API communication. The DNS must be pre-configured with an A/AAAA or CNAME record so the api.<cluster_name>.<Base DNS domain> path resolves correctly. | Required |
| Ingress VIP | The Virtual IP to use for ingress traffic. The DNS must be pre-configured with an A/AAAA or CNAME record so the *.apps.<cluster_name>.<Base DNS domain> path resolves correctly. | Optional |
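The non-overlap and host-prefix rules in the table above can be checked before the values are entered in the console. The following Python sketch is an added example, not part of the Red Hat documentation; the function names and the expected_nodes parameter are assumptions for illustration, and the sample values are the defaults and the example format quoted in the table.

```python
import ipaddress
from itertools import combinations

# Default values quoted in the table above.
DEFAULT_BLOCKS = {
    "Cluster network CIDR": "10.128.0.0/14",
    "Service network CIDR": "172.30.0.0/16",
    "Machine CIDR": "10.0.0.0/16",
}
DEFAULT_HOST_PREFIX = 23


def pods_per_node(host_prefix, address_bits=32):
    """Pod addresses available on each node: 2^(32 - hostPrefix) - 2 for IPv4."""
    return 2 ** (address_bits - host_prefix) - 2


def node_subnets(cluster_cidr, host_prefix):
    """Number of per-node subnets of length host_prefix that fit in the block."""
    net = ipaddress.ip_network(cluster_cidr)
    if host_prefix < net.prefixlen or host_prefix > net.max_prefixlen:
        return 0
    return 2 ** (host_prefix - net.prefixlen)


def validate_plan(blocks, host_prefix=DEFAULT_HOST_PREFIX, expected_nodes=0):
    """Return a list of problems found in a name -> CIDR mapping."""
    problems = []
    parsed = {}
    for name, cidr in blocks.items():
        try:
            # Strict parsing rejects values with host bits set, such as 10.0.0.1/16.
            parsed[name] = ipaddress.ip_network(cidr)
        except ValueError as exc:
            problems.append(f"{name}: {cidr!r} is not a valid network ({exc})")

    # Every block is compared with every other block of the same IP version.
    for (name_a, net_a), (name_b, net_b) in combinations(parsed.items(), 2):
        if net_a.version == net_b.version and net_a.overlaps(net_b):
            problems.append(f"{name_a} {net_a} overlaps {name_b} {net_b}")

    cluster = parsed.get("Cluster network CIDR")
    if cluster is not None:
        fits = node_subnets(str(cluster), host_prefix)
        if fits == 0:
            problems.append(
                f"Network host prefix /{host_prefix} does not fit inside {cluster}")
        elif expected_nodes > fits:
            problems.append(
                f"{cluster} holds {fits} /{host_prefix} node subnets, "
                f"but {expected_nodes} nodes are planned")
    return problems


if __name__ == "__main__":
    print("pod addresses per node:", pods_per_node(DEFAULT_HOST_PREFIX))
    print("defaults only:", validate_plan(DEFAULT_BLOCKS))
    # Constructed input: the defaults plus the table's example format value
    # for the provisioning network, entered unchanged.
    plan = dict(DEFAULT_BLOCKS, **{"Provisioning network CIDR": "172.30.0.0/16"})
    print("with provisioning example:", validate_plan(plan))
```

The defaults pass on their own, but the Provisioning network CIDR example format 172.30.0.0/16 entered unchanged next to the default Service network CIDR is reported as an overlap, so choose a different block for one of them.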
- Optional: Update the advanced settings, if you want to change the setting for including a configmap.
- Click Create. You can view your cluster details after the create and import process is complete.
  Note: You do not have to run the kubectl command that is provided with the cluster details to import the cluster. When you create the cluster, it is automatically configured under the management of Red Hat Advanced Cluster Management for Kubernetes.
7.5.3. Accessing your cluster
To access a cluster that is managed by Red Hat Advanced Cluster Management for Kubernetes, complete the following steps:
- From the Red Hat Advanced Cluster Management for Kubernetes navigation menu, navigate to Automate infrastructure > Clusters.
- Select the name of the cluster that you created or want to access. The cluster details are displayed.
- Select Reveal credentials to view the user name and password for the cluster. Note these values to use when you log in to the cluster.
- Select Console URL to link to the cluster.
- Log in to the cluster by using the user ID and password that you found in step 3.
- Select Actions > Launch to cluster for the cluster that you want to access.
Tip: If you already know the login credentials, you can access the cluster by selecting Actions > Launch to cluster for the cluster that you want to access.