OSDOCS-10892 adding install config params for aws subnets #93385
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openshift-ci
bot
added
the
size/M
|
🤖 Thu May 15 19:35:42 - Prow CI generated the docs preview: |
tthvo
reviewed
May 14, 2025
| aws: | ||
| vpc: | ||
| subnets: | ||
| |Defines a list of existing subnets to be used in place of automatically generated subnets. You specify a subnet by providing the subnet ID and a list of roles that apply to that subnet. If you specify subnet IDs but do not specify roles for any subnet, the subnets' roles will be decided automatically. If you do not specify any roles, you must ensure that any other subnets in your VPC have the `kubernetes.io/cluster/<cluster-id>` or `kubernetes.io/cluster/unmanaged: true` tags, or the installation will fail. |
There was a problem hiding this comment.
Suggested change
| |Defines a list of existing subnets to be used in place of automatically generated subnets. You specify a subnet by providing the subnet ID and a list of roles that apply to that subnet. If you specify subnet IDs but do not specify roles for any subnet, the subnets' roles will be decided automatically. If you do not specify any roles, you must ensure that any other subnets in your VPC have the `kubernetes.io/cluster/<cluster-id>` or `kubernetes.io/cluster/unmanaged: true` tags, or the installation will fail. | |
| |A list of subnets in an existing VPC to be used in place of automatically created subnets. You specify a subnet by providing the subnet ID and an optional list of roles that apply to that subnet. If you specify subnet IDs but do not specify roles for any subnet, the subnets' roles will be decided automatically. If you do not specify any roles, you must ensure that any other subnets in your VPC have the `kubernetes.io/cluster/.*: .*` or `kubernetes.io/cluster/unmanaged: true` tags. | |
| The subnets must be part of the same `machineNetwork[].cidr` ranges that you specify. | |
| For a standard cluster, specify a public and a private subnet for each availability zone. | |
| For a private cluster, specify a private subnet for each availability zone. | |
| For clusters that use AWS Local Zones, you must add AWS Local Zone subnets to this list to ensure edge machine pool creation. |
Other than some nit on wordings. I want to verify the suggestions a bit:
- Subnets' roles are optional -> should make it clear
kubernetes.io/cluster/<cluster-id>is actually just a tag key. A complete tag consists of key and value (for example,kubernetes.io/cluster/my-cluster: owned). So, I suggest the use of.*, similar to here. But maybe you have a better alternative 😄- The notes about requirements for public/private and edge zone are still valid and should keep them. Though, we can reword.
| - id: | ||
| roles: | ||
| - type: | ||
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the "ClusterNode", "IngressControllerLB", "ControlPlaneExternalLB", and "ControlPlaneInternalLB" roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the "ControlPlaneExternalLB" role is not required. |
There was a problem hiding this comment.
Suggested change
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the "ClusterNode", "IngressControllerLB", "ControlPlaneExternalLB", and "ControlPlaneInternalLB" roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the "ControlPlaneExternalLB" role is not required. | |
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the `ClusterNode`, `BootstrapNode`, `IngressControllerLB`, `ControlPlaneExternalLB`, and `ControlPlaneInternalLB` roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the `ControlPlaneExternalLB` role is not required. | |
| For subnets in AWS Local Zones, only `EdgeNode` role can be assigned. |
Verification:
BootstrapNodeis also a required role if subnet roles are specified. See EP (note: we change it toBootstrapNodeinstead ofBootstrap).EdgeNodeis exclusive for subnets in AWS Local/Wavelength zones and must be specified if such subnets are included.- Use backticks for code-like 😅 similar to this doc, maybe?
| roles: | ||
| - type: | ||
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the "ClusterNode", "IngressControllerLB", "ControlPlaneExternalLB", and "ControlPlaneInternalLB" roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the "ControlPlaneExternalLB" role is not required. | ||
| |List of one or more role types. Valid values include "ClusterNode", "EdgeNode", "Bootstrap", "IngressControllerLB", "ControlPlaneExternalLB", and "ControlPlaneInternalLB". |
There was a problem hiding this comment.
Suggested change
| |List of one or more role types. Valid values include "ClusterNode", "EdgeNode", "Bootstrap", "IngressControllerLB", "ControlPlaneExternalLB", and "ControlPlaneInternalLB". | |
| |List of one or more role types. Valid values include `ClusterNode`, `EdgeNode`, `BootstrapNode`, `IngressControllerLB`, `ControlPlaneExternalLB`, and `ControlPlaneInternalLB`. |
BootstrapNode is the right one (i.e. we divert a bit from the EP which says Bootstrap)
Comment on lines
479
to
487
| - id: subnet-<id1> | ||
| roles: | ||
| - type: IngressControllerLB | ||
| - type: ControlPlaneLB | ||
| - type: Bootstrap | ||
| - id: subnet-<id2> | ||
| roles: | ||
| - type: ControlPlaneLB | ||
| - type: ClusterNode |
There was a problem hiding this comment.
platform:
aws:
vpc:
subnets:
- id: subnet-<id1>
- id: subnet-<id2>
- id: subnet-<id3>I suggest we can keep it simple by giving an example of specifying subnets without roles here.
- It is same as before but following new field convention.
- Since there is no explanation of such subnet roles here, it's best not to make it complex. And roles are optional also.
- Side note: There is no
ControlPlaneLBrole btw :D You might see it somewhere because we are lazy to say/typeControlPlaneExternalandControlPlaneInternalLBhaha
bscott-rh
force-pushed
the
OSDOCS-10892-install
branch
from
ff57e0e to
d6ce7c7
Compare
|
@bscott-rh: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
tthvo
reviewed
May 15, 2025
|
/cc @yunjiang29 |
|
/lgtm |
bscott-rh
added
the
peer-review-needed
skopacz1
added
the
peer-review-in-progress
skopacz1
reviewed
May 16, 2025
| - id: | ||
| roles: | ||
| - type: | ||
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the `ClusterNode`, `IngressControllerLB`, `ControlPlaneExternalLB`, `BootstrapNode` and `ControlPlaneInternalLB` roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the `ControlPlaneExternalLB` role is not required. |
There was a problem hiding this comment.
This needs an Oxford comma here:
Suggested change
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the `ClusterNode`, `IngressControllerLB`, `ControlPlaneExternalLB`, `BootstrapNode` and `ControlPlaneInternalLB` roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the `ControlPlaneExternalLB` role is not required. | |
| |One or more roles that apply to the subnet specified by `platform.aws.vpc.subnets.id`. If you specify a role for any subnet, each subnet must have at least one assigned role, and the `ClusterNode`, `IngressControllerLB`, `ControlPlaneExternalLB`, `BootstrapNode`, and `ControlPlaneInternalLB` roles must be assigned to at least one subnet. However, if the cluster scope is internal, then the `ControlPlaneExternalLB` role is not required. |
Comment on lines
+482
to
+484
| - id: subnet-<id1> | ||
| - id: subnet-<id2> | ||
| - id: subnet-<id3> |
There was a problem hiding this comment.
Idk if this would look better or worse, but maybe an underscore between ID and the numbers?
Suggested change
| - id: subnet-<id1> | |
| - id: subnet-<id2> | |
| - id: subnet-<id3> | |
| - id: subnet-<id_1> | |
| - id: subnet-<id_2> | |
| - id: subnet-<id_3> |
Up to you
skopacz1
added
peer-review-done
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Version(s):
4.19
Issue:
https://issues.redhat.com/browse/OSDOCS-10892
Link to docs preview:
QE review: