TELCODOCS-1874: Adding hub cluster RDS - Tech Preview

Author: rohennes

_topic_maps/_topic_map.yml

@@ -3332,6 +3332,8 @@ Topics:
   File: telco-core-rds
 - Name: Telco RAN DU reference design specifications
   File: telco-ran-du-rds
+- Name: Telco hub reference design specifications
+  File: telco-hub-rds
 - Name: Comparing cluster configurations
   Dir: cluster-compare
   Distros: openshift-origin,openshift-enterprise

images/telco-hub-cluster-rds-architecture.png

@@ -0,0 +1,78 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-acm-observability_{context}"]
+= {rh-rhacm} Observability
+
+Cluster observability is provided by the multicluster engine and {rh-rhacm}.
+
+* Observability storage needs several `PV` resources and an S3 compatible bucket storage for long term retention of the metrics.
+* Storage requirements calculation is complex and dependent on the specific workloads and characteristics of managed clusters.
+Requirements for `PV` resources and the S3 bucket depend on many aspects including data retention, the number of managed clusters, managed cluster workloads, and so on.
+* Estimate the required storage for observability by using the observability sizing calculator in the {rh-rhacm} capacity planning repository.
+See the Red Hat Knowledgebase article link:https://access.redhat.com/articles/7103886[Calculating storage need for MultiClusterHub Observability on telco environments] for an explanation of using the calculator to estimate observability storage requirements.
+The below table uses inputs derived from the telco RAN DU RDS and the hub cluster RDS as representative values.
+
+[NOTE]
+====
+The following numbers are estimated.
+Tune the values for more accurate results.
+Add an engineering margin, for example +20%, to the results to account for potential estimation inaccuracies.
+====
+
+.Cluster requirements
+[cols="42%,42%,16%",options="header"]
+|====
+|Capacity planner input
+|Data source
+|Example value
+
+|Number of control plane nodes
+|Hub cluster RDS (scale) and telco RAN DU RDS (topology)
+|3500
+
+|Number of additional worker nodes
+|Hub cluster RDS (scale) and telco RAN DU RDS (topology)
+|0
+
+|Days for storage of data
+|Hub cluster RDS
+|15
+
+|Total Number of pods per cluster
+|Telco RAN DU RDS
+|120
+
+|Number of namespaces (excl OCP)
+|Telco RAN DU RDS
+|4
+
+|Number of metric samples per hour
+|Default value
+|12
+
+|Number of hours of retention in Receiver PV
+|Default value
+|24
+|====
+
+With these input values, the sizing calculator as described in the Red Hat Knowledgebase article link:https://access.redhat.com/articles/7103886[Calculating storage need for MultiClusterHub Observability on telco environments] indicates the following storage needs:
+
+.Storage requirements
+[options="header"]
+|====
+2+|alertmanager PV 2+|thanos-receive PV 2+|thanos-compactor PV
+
+|*Per replica* |*Total* |*Per replica* |*Total* 2+|*Total*
+
+|10GBi |30GBi |10GBi |30GBi 2+|100GBi
+|====
+
+.Storage requirements
+[options="header"]
+|====
+2+|thanos-rule PV 2+|thanos-store PV 2+|Object bucket^[1]^
+
+|*Per replica* |*Total* |*Per replica* |*Total* |*Per day* |*Total*
+
+|30GBi |90GBi |100GBi |300GBi |15GBi |101GBi
+|====
+[1] For object bucket we assume we disable downsampling, so only need to calculate storage for raw data.

images/telco-hub-cluster-reference-design-components.png

@@ -0,0 +1,7 @@
+[id="telco-hub-acmMCH-yaml"]
+.acmMCH.yaml
+[source,yaml]
+----
+link:https://raw.githubusercontent.com/openshift-kni/telco-reference/release-4.19/telco-hub/configuration/reference-crs/required/acm/acmMCH.yaml[role=include]
+----
+

modules/telco-hub-acm-observability.adoc

@@ -0,0 +1,35 @@
+:_mod-docs-content-type: CONCEPT
+[id="telco-hub-architecture-overview_{context}"]
+= Hub cluster architecture overview
+
+
+Use the features and components running on the management hub cluster to manage many other clusters in a hub-and-spoke topology.
+The hub cluster provides a highly-available and centralized interface for managing the configuration, lifecycle, and observability of the fleet of deployed clusters.
+
+[NOTE]
+====
+All management hub functionality can be deployed on a dedicated {product-title} cluster or as applications that are co-resident on an existing cluster.
+====
+
+Managed cluster lifecycle::
+Using a combination of Day 2 Operators, the hub cluster provides the necessary infrastructure to deploy and configure the fleet of clusters by using a GitOps methodology.
+Over the lifetime of the deployed clusters, further management of upgrades, scaling the number of clusters, node replacement, and other lifecycle management functions can be declaratively defined and rolled out.
+You can control the timing and progression of the rollout across the fleet.
+
+Monitoring::
++
+--
+The hub cluster provides monitoring and status reporting for the managed clusters through the Observability pillar of the {rh-rhacm} Operator.
+This includes aggregated metrics, alerts, and compliance monitoring through the Governance policy framework.
+--
+
+The Telco management hub reference design specifications (RDS) and the associated reference CRs describe the telco engineering and QE validated method for deploying, configuring and managing the lifecycle of telco managed cluster infrastructure.
+The reference configuration includes the installation and configuration of the hub cluster components on top of {product-title}.
+
+
+.Hub cluster reference design components
+image::telco-hub-cluster-reference-design-components.png[]
+
+.Hub cluster reference design architecture
+image::telco-hub-cluster-rds-architecture.png[]
+

modules/telco-hub-acmMCH-yaml.adoc

@@ -0,0 +1,28 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-assisted-service_{context}"]
+= Assisted Service
+
+The Assisted Service is deployed with the multicluster engine and {rh-rhacm}.
+
+.Assisted Service storage requirements
+[cols="1,2", options="header"]
+|====
+|Persistent volume resource
+|Size (GB)
+
+|`imageStorage`
+|50
+
+|`filesystemStorage`
+|700
+
+|`dataBaseStorage`
+|20
+|====
+
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#enable-cim-disconnected[Enabling central infrastructure management in disconnected environments]
+

modules/telco-hub-architecture-overview.adoc

@@ -0,0 +1,23 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-cluster-topology_{context}"]
+= Cluster topology
+
+In production settings, the {product-title} hub cluster must be highly available to maintain high availability of the management functions.
+
+Limits and requirements::
+Use a highly available cluster topology for the hub cluster, for example:
+* Compact (3 nodes combined control plane and compute nodes)
+* Standard (3 control plane nodes + N compute nodes)
+
+Engineering considerations::
+* In non-production settings, a {sno} cluster can be used for limited hub cluster functionality.
+* Certain capabilities, for example {rh-storage}, are not supported on {sno}.
+In this configuration some hub cluster features might not be available.
+* The number of optional compute nodes can vary depending on the scale of the specific use case.
+* Compute nodes can be added later as required.
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:xref:../welcome/learn_more_about_openshift.adoc#architecture[{product-title} architecture]
+* link:xref:../post_installation_configuration/node-tasks.adoc#post-install-node-tasks[Postinstallation node tasks]

modules/telco-hub-assisted-service.adoc

@@ -0,0 +1,60 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-engineering-considerations_{context}"]
+= Hub cluster engineering considerations
+
+The follwing sections describe the engineering considerations for hub cluster resource scaling targets and utilization.
+
+Reference configuration scaling target::
++
+--
+The resource requirements for the hub cluster are directly dependent on the number of clusters being managed by the hub, the number of policies used for each managed cluster, and the set of features that are configured in {rh-rhacm}.
+
+The hub cluster reference configuration can support up to 3500 managed {sno} clusters under the following conditions:
+
+* 5 policies for each cluster with hub-side templating configured with a 10 minute evaluation interval.
+
+* Only the following {rh-rhacm} add-ons are enabled:
+
+** Policy controller
+** Observability with the default configuration
+
+* You deploy managed clusters by using {ztp} in batches of up to 500 clusters at a time.
+
+The reference configuration is also validated for deployment and management of a mix of managed cluster topologies.
+The specific limits depend on the mix of cluster topologies, enabled {rh-rhacm} features, and so on.
+In a mixed topology scenario, the reference hub configuration is validated with a combination of 1200 {sno} clusters, 400 compact clusters (3 nodes combined control plane and compute nodes), and 230 standard clusters (3 control plane and 2 worker nodes).
+
+[NOTE]
+====
+Specific dimensioning requirements are highly dependent on the cluster topology and workload.
+See "Storage requirements" for details.
+Adjust cluster dimensions for the specific characteristics of your fleet of managed clusters.
+====
+--
+
+Resource utilization::
++
+--
+Resource utilization was measured for hub clusters in the following scenario:
+
+* Under reference load managing 3500 {sno} clusters
+* 3-node compact cluster for management hub running on dual socket bare-metal servers.
+* Network impairment of 50ms round-trip latency, 100Mbps bandwidth limit and 0.02% packet loss.
+
+.Resource utilization values
+[options="header"]
+|====
+|Metric |Peak Measurement
+|OpenShift Platform CPU |106 cores (52 cores per node)
+|OpenShift Platform memory |504G (168G per node)
+|Persistent storage |<pending data from scale test>
+|====
+--
+
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html-single/governance/index#template-comparison-table[Comparison of hub cluster and managed cluster templates]
+
+

modules/telco-hub-cluster-topology.adoc

@@ -0,0 +1,27 @@
+:_mod-docs-content-type: CONCEPT
+[id="telco-hub-git-repository_{context}"]
+= Git repository
+
+The telco management hub cluster supports a GitOps driven methodology for installing and managing the configuration of OpenShift clusters for various telco applications.
+This methodology requires an accessible Git repository that serves as the authoritative source of truth for cluster definitions and configuration artifacts.
+
+Red Hat does not offer a commercially supported Git server.
+An existing Git server provided in the production environment can be used.
+Gitea and Gogs are examples of self-hosted Git servers that you can use.
+
+The Git repository is typically provided in the production network external to the hub cluster.
+In a large-scale deployment, multiple hub clusters can use the same Git repository for maintaining the definitions of managed clusters. Using this approach, you can easily review the state of the complete network.
+As the source of truth for cluster definitions, the Git repository should be highly available and recoverable in disaster scenarios.
+
+[NOTE]
+====
+For disaster recovery and multi-hub considerations, run the Git repository separately from the hub cluster.
+====
+
+Limits and requirements::
+* A Git repository is required to support the {ztp} functions of the hub cluster, including installation, configuration, and lifecycle management of the managed clusters.
+* The Git repository must be accessible from the management cluster.
+
+Engineering considerations::
+* The Git repository is used by the GitOps Operator to ensure continuous deployment and a single source of truth for the applied configuration.
+

modules/telco-hub-engineering-considerations.adoc

@@ -0,0 +1,38 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-gitops-operator-and-ztp-plugins_{context}"]
+= GitOps Operator and {ztp}
+
+New in this release::
+* No reference design updates in this release
+
+Description::
+GitOps Operator and {ztp} provide a GitOps-based infrastructure for managing cluster deployment and configuration.
+Cluster definitions and configurations are maintained as a declarative state in Git.
+You can apply `ClusterInstance` CRs to the hub cluster where the `SiteConfig` Operator renders them as installation CRs.
+In earlier releases, a {ztp} plugin supported the generation of installation CRs from `SiteConfig` CRs.
+This plugin is now deprecated.
+A separate {ztp} plugin is available to enable automatic wrapping of configuration CRs into policies based on the `PolicyGenerator` or `PolicyGenTemplate` CR.
++
+You can deploy and manage multiple versions of {product-title} on managed clusters by using the baseline reference configuration CRs.
+You can use custom CRs alongside the baseline CRs.
+To maintain multiple per-version policies simultaneously, use Git to manage the versions of the source and policy CRs by using `PolicyGenerator` or `PolicyGenTemplate` CRs.
+
+
+Limits and requirements::
+* 300 single node `SiteConfig` CRs can be synchronized for each ArgoCD application.
+You can use multiple applications to achieve the maximum number of clusters supported by a single hub cluster.
+* To ensure consistent and complete cleanup of managed clusters and their associated resources during cluster or node deletion, you must configure ArgoCD to use background deletion mode.
+
+Engineering considerations::
+* To avoid confusion or unintentional overwrite when updating content, use unique and distinguishable names for custom CRs in the `source-crs` directory and extra manifests.
+* Keep reference source CRs in a separate directory from custom CRs.
+This facilitates easy update of reference CRs as required.
+* To help with multiple versions, keep all source CRs and policy creation CRs in versioned Git repositories to ensure consistent generation of policies for each {product-title} version.
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/multicluster_engine_operator_with_red_hat_advanced_cluster_management/siteconfig-intro[ClusterInstance CR]
+* xref:../edge_computing/policygentemplate_for_ztp/ztp-configuring-managed-clusters-policies.adoc#ztp-configuring-managed-clusters-policies[PolicyGenTemplate CRs]
+* xref:../edge_computing/ztp-preparing-the-hub-cluster.adoc#ztp-preparing-the-ztp-git-repository-ver-ind_ztp-preparing-the-hub-cluster[{ztp} version independence]
+

modules/telco-hub-git-repository.adoc

@@ -0,0 +1,39 @@
+:_mod-docs-content-type: REFERENCE
+[id="telco-hub-hub-cluster-day-2-operators_{context}"]
+= Day 2 Operators in the hub cluster
+
+The management hub cluster relies on a set of Day 2 Operators to provide critical management services and infrastructure.
+Use Operator versions that match the set of managed cluster versions in your fleet.
+
+Install Day 2 Operators using Operator Lifecycle Manager (OLM) and `Subscription` CRs.
+`Subscription` CRs identify the specific Day 2 Operator to install, the catalog in which the operator is found, and the appropriate version channel for the Operator.
+By default OLM installs and attempt to keep Operators updated with the latest z-stream version available in the channel.
+By default all Subscriptions are set with an `installPlanApproval: Automatic` value.
+In this mode, OLM automatically installs new Operator versions when they are available in the catalog and channel.
+
+[NOTE]
+====
+Setting `installPlanApproval` to automatic exposes the risk of the Operator being updated outside of defined maintenance windows if the catalog index is updated to include newer Operator versions.
+In a disconnected environment where you are building and maintaining a curated set of Operators and versions in the catalog, and if you follow a strategy of creating a new catalog index for updated versions, the risk of the Operators being inadvertently updated is largely removed.
+However, if you want to further close this risk, the `Subscription` CRs can be set to `installPlanApproval: Manual` which prevents Operators from being updated without explicit administrator approval.
+====
+
+Limits and requirements::
+* When upgrading a Telco hub cluster, the versions of {product-title} and Operators must meet the requirements of all relevant compatibility matrixes.
+
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://access.redhat.com/articles/7073065[Red Hat Advanced Cluster Management for Kubernetes 2.11 Support Matrix]
+* link:https://access.redhat.com/support/policy/updates/openshift_operators[OpenShift Operator lifecycles]
+
+* For more information about telco hub cluster update requirements, see:
+** xref:../edge_computing/ztp-preparing-the-hub-cluster.adoc#ztp-gitops-ztp-max-spoke-clusters_ztp-preparing-the-hub-cluster[Recommended hub cluster specifications and managed cluster limits for {ztp}].
+** link:https://access.redhat.com/articles/7073065[Red Hat Advanced Cluster Management for Kubernetes 2.11 Support Matrix]
+** link:https://access.redhat.com/support/policy/updates/openshift_operators[OpenShift Operator Life Cycles]
+
+* For more information about updating the hub cluster, see:
+** xref:../updating/understanding_updates/intro-to-updates.adoc#understanding-openshift-updates[Introduction to OpenShift updates]
+** link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.13/html-single/install/index#upgrading-hub[Upgrading your hub cluster]
+** xref:../edge_computing/ztp-updating-gitops.adoc#ztp-updating-gitops[Updating {ztp}]
+