Adding initial user doc/guide & materials for UPI AWS installation #1408
Conversation
openshift-ci-robot
added
the
size/XXL
|
/assign @wking |
|
/hold |
openshift-ci-robot
added
the
do-not-merge/hold
docs/user/aws/install.md
Outdated
|
|
||
| ### Cleanup Machine API Resources | ||
|
|
||
| TODO: Identify deleting the pre-populated, disconnected machine entries. |
There was a problem hiding this comment.
Having this as a post-Install cleanup step is silly. We should just not generate the resource for this install sequence, and let users decide what machines they want the machine api to adopt or mint thereafter.
There was a problem hiding this comment.
Having this as a post-Install cleanup step is silly...
I'm having trouble parsing this. What are you saying needs cleaning up?
You'll need to remove the bootstrap resources at this point (after receiving the bootstrap-complete event), but that's not silly, that's just "we're no longer bootstrapping". For machine-API adoption, that's currently the clusterid tag (#479, although I still wish the tag had better namespacing like openshift.io/cluster/{name}: owned or we just used kubernetes.io/cluster/{name}: owned for adoption). If you don't want machines adopted, just don't set that tag.
|
@wking This PR is ready to be merged. I am able to get the cluster up and adjust the worker pool to get a worker to launch. See the pods list in the doc. I think we should merge this and ping different groups to help sort out the changes/tolerances needed for DNS, routing, machine API, etc. for the klunky bits. I want to add an ASG example worker CloudFormation as well, but can tack it in with a discrete PR. Okay to merge? I don't know how to remove the hold, etc. |
|
/hold cancel Still needs lgtm from reviewer. I haven't tried this myself but reading through the documentation seems clear enough to me. |
openshift-ci-robot
removed
the
do-not-merge/hold
docs/user/aws/install_upi.md
Outdated
There was a problem hiding this comment.
This graphic has "Master Subnet (public) ..." etc., which is no longer the case for IPI AWS since #1045. And as of b29c9736a77 you have 05_cluster_master_nodes.yaml content like:
Master0Subnet:
Description: The subnets (recommend private) to launch the master nodes into
Type: AWS::EC2::Subnet::Idwhich suggests your CloudFormation configs are following the new IPI approach and putting all nodes in the private subnets. Can you update your graphic to match?
There was a problem hiding this comment.
On the "update the graphic" approach, while I think this graphic is great for communicating the structure, I'm concerned about maintaining it. Can you provide it as an SVG or similar to make it easier for others to edit it going forward? Also, if there's a preferred tool (Inkscape?) for editing it, that would be good to document in the commit message.
There was a problem hiding this comment.
Updated graphic. It's a Dia diagram. I could add the source material to a subdir. Path preference?
There was a problem hiding this comment.
Path preference?
Right next to the PNG, as docs/user/aws/images/install_upi_vpc.dia?
|
/cc @kalexand-rh for tracking docs |
|
@abhinavdahiya: GitHub didn't allow me to request PR reviews from the following users: tracking, for. Note that only openshift members and repo collaborators can review this PR, and authors cannot review their own PRs. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Moved the encrypted-AMI section from "Create Cluster" to "Running Cluster", because it has more value there folks inspecting their account and what has happened after the fact. Since we call out the running instances (by count with a picture) they may wonder "where did this unique AMI come from it is running"? It goes along with some of the other explanations we chase with as well. The Create Cluster section just has the whole IPI output, but no explanation of all wizardry under the covers, calling this particular wrinkle out there seemed a bit awkward to me.
|
@cuppett is out this week so I've picked this up and force-pushed to address some of the remaining review. Still unresolved:
|
| nodes. It can also be inspected for the set of required attributes needed for manual creation of the nodes, DNS entries | ||
| and load balancer configuration. | ||
|
|
||
| ## Monitor for `bootstrap-complete` and Initialization |
There was a problem hiding this comment.
I remember @wking recommending no using ticks in titles.
| file to an S3 bucket in your account and run this template to get a bootstrap node along with a predictable clean up of | ||
| the resources when complete. It can also be inspected for the set of required attributes via manual creation. | ||
|
|
||
| ## Launch Permanent Master Nodes |
There was a problem hiding this comment.
nit: Control Plane Nodes
|
/lgtm Let's merge this and iterate on this. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, cuppett, sdodson The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
awscli will allow us to add CI for user-provided infrastructure, as documented by openshift/installer@39a926a918 (Adding initial user doc/guide & materials for UPI AWS installation, 2019-03-12, openshift/installer#1408). jq will allow us to simplify the templating which landed in openshift/release@7e56379d0b (templates/openshift: grab bootstrap log on failure, 2019-01-14, openshift/release#2633).
Dia is from Stephen Cuppett, replacing the PNG he'd submitted via 39a926a (Adding initial user doc/guide & materials for UPI AWS installation, 2019-03-12, openshift#1408). We aren't using the full file with all the layers yet, but I'm building it anyway because folks without Dia may still want to look at it ;). SVGs generated with: $ dia --version Dia version 0.97.3, compiled 18:02:21 Feb 11 2017 relink-dia.py embeds the referenced icons in the SVG with def and use [1,2] to avoid icon URIs like: file:///.../openshift/installer/docs/user/aws/images/./AWS-Architecture-Icons_SVG/Light-BG/_General%20AWS/AWS-General_AWS-Cloud_light-bg.svg Ideally Dia would have a way to do this sort of thing automatically with a command-line switch, but if it does, I can't find it. [1]: https://developer.mozilla.org/en-US/docs/Web/SVG/Element/def [2]: https://developer.mozilla.org/en-US/docs/Web/SVG/Element/use
We've had this since the templates landed in 39a926a (Adding initial user doc/guide & materials for UPI AWS installation, 2019-03-12, openshift#1408). But our Terraform modules contain no analog using aws_network_acl [1] and their presence in the UPI templates is breaking the ping-based network connectivity test [2]. [1]: https://www.terraform.io/docs/providers/aws/r/network_acl.html [2]: https://prow.svc.ci.openshift.org/view/gcs/origin-ci-test/logs/canary-openshift-ocp-installer-e2e-aws-upi-4.2/28#0:build-log.txt%3A10235
We've had this since the templates landed in 39a926a (Adding initial user doc/guide & materials for UPI AWS installation, 2019-03-12, openshift#1408). But our Terraform modules contain no analog using aws_network_acl [1] and their presence in the UPI templates is breaking the ping-based network connectivity test [2]. [1]: https://www.terraform.io/docs/providers/aws/r/network_acl.html [2]: https://prow.svc.ci.openshift.org/view/gcs/origin-ci-test/logs/canary-openshift-ocp-installer-e2e-aws-upi-4.2/28#0:build-log.txt%3A10235
8 participants
This is the start of providing an AWS UPI installation path. It contains CloudFormation templates to help document the basic mechanics of how our installation happens with AWS-native primitives. It also modifies the user doc section a bit to start identifying the major inflection points during an install for further explanation or enhancements in the process.
I've stubbed out the major steps and provided some words, I'll capture more words and examples in subsequent commits either in this PR or additional PRs if this gets merged.
cc @abhinavdahiya @wking