[enterprise-3.9] Updated AWS Configuration to include cluster labeling

_topic_map.yml

@@ -644,8 +644,6 @@ Topics:
   File: idling_applications
 - Name: Analyzing Cluster Capacity
   File: cluster_capacity
-- Name: Labeling Clusters for Amazon Web Services
-  File: aws_cluster_labeling
   Distros: openshift-origin,openshift-enterprise
 - Name: Revision History
   File: revhistory_admin_guide

install_config/configuring_aws.adoc

@@ -1,5 +1,5 @@
 [[install-config-configuring-aws]]
-= Configuring for AWS
+= Configuring for Amazon Web Services (AWS)
 {product-author}
 {product-version}
 :data-uri:
@@ -47,7 +47,7 @@ You can set the AWS configuration on your {product-title} master hosts in two wa
 During
 xref:../install_config/install/advanced_install.adoc#install-config-install-advanced-install[advanced installations],
 AWS can be configured using
-xref:../install_config/install/advanced_install.adoc#advanced-install-configuring-global-proxy[the `*openshift_cloudprovider_aws_access_key*`, `*openshift_cloudprovider_aws_secret_key*`, and `*openshift_cloudprovider_kind*` parameters], which are configurable in the inventory file.
+xref:../install_config/install/advanced_install.adoc#advanced-install-configuring-global-proxy[the `*openshift_cloudprovider_aws_access_key*`, `*openshift_cloudprovider_aws_secret_key*`, `*openshift_cloudprovider_kind*`, `*openshift_clusterid*` parameters], which are configurable in the inventory file.
 
 .Example AWS Configuration with Ansible
 
@@ -60,6 +60,8 @@ xref:../install_config/install/advanced_install.adoc#advanced-install-configurin
 #openshift_cloudprovider_aws_access_key="{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
 #openshift_cloudprovider_aws_secret_key="{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"
 #
+#openshift_clusterid=unique_identifier_per_availablility_zone
+#
 # AWS (Using API Credentials)
 #openshift_cloudprovider_kind=aws
 #openshift_cloudprovider_aws_access_key=aws_access_key_id
@@ -218,3 +220,61 @@ $ systemctl restart origin-node
 ----
 endif::[]
 .  Add back any xref:../admin_guide/manage_nodes.adoc#updating-labels-on-nodes[labels on each node] that you previously had.
+
+[[aws-cluster-labeling]]
+== Labeling Clusters for AWS
+Starting with {product-title} version 3.7 of the `atomic-openshift-installer`,
+if you configured AWS provider credentials, you must also ensure that all
+instances are labeled. This topic describes how to label an existing
+{product-title} cluster running on AWS.
+
+To correctly identify which resources are associated with a cluster, tag
+resources with the key `kubernetes.io/cluster/<name>,Value=<clusterid>`, where:
+
+* `<name>` is a unique name for the cluster.
+* `<clusterid>` is a cluster identifier unique to the AWS Availability Zone.
+
+Tagging all resources with the `kubernetes.io/cluster/<name>,Value=<clusterid>`
+tag avoids potential issues with multiple zones or multiple clusters.
+
+[NOTE]
+====
+In versions prior to {product-title} version 3.6, this was
+`Key=KubernetesCluster,Value=clusterid`.
+====
+
+See xref:../architecture/core_concepts/pods_and_services.adoc#labels[Pods and
+Services] to learn more about labeling and tagging in {product-title}.
+
+[[aws-resources-that-need-tags]]
+=== Resources That Need Tags
+There are four types of resources that need to be tagged:
+
+* Instances
+* Security Groups
+* Load Balancers
+* EBS Volumes
+
+[[aws-tagging-an-existing-cluster]]
+=== Tagging an Existing Cluster
+
+A cluster uses the value of the `kubernetes.io/cluster/<name>,Value=<clusterid>` tag to determine which
+resources belong to the cluster. Therefore, you must tag all resources with the
+key `kubernetes.io/cluster/<name>,Value=<clusterid>` and have the same value for that key.
+
+. Tag all instances with `kubernetes.io/cluster/<name>,Value=<clusterid>` and a value to be used as the cluster ID.
+. Tag any security groups with `kubernetes.io/cluster/<name>,Value=<clusterid>` and the same value used for the instances.
+. Tag any load balancers with `kubernetes.io/cluster/<name>,Value=<clusterid>` and the same value used for the instances.
+. Tag all EBS volumes with `kubernetes.io/cluster/<name>,Value=<clusterid>` and the same value used for the instances. The EBS Volumes that need to be tagged can found with:
++
+[source,bash]
+----
+$ oc get pv -o json|jq '.items[].spec.awsElasticBlockStore.volumeID'
+----
+
+. Restart `atomic-openshift-master` and `atomic-openshift-node` on all nodes:
++
+[source,bash]
+----
+$ systemctl restart atomic-openshift-master-api atomic-openshift-master-controller atomic-openshift-node
+----

install_config/install/advanced_install.adoc

@@ -339,6 +339,9 @@ blocks everything not in the other variables.
 overriding `metricsPublicURL` in the master configuration for cluster metrics.
 If you alter this variable, ensure the host name is accessible via your router.
 
+|`openshift_clusterid`
+|This variable is a cluster identifier unique to the AWS Availability Zone. Using this avoids potential issues in Amazon Web Service
+(AWS) with multiple zones or multiple clusters. See xref:../../install_config/configuring_aws.adoc#aws-cluster-labeling[Labeling Clusters for AWS] for details.
 |===
 
 [[advanced-install-deployment-types]]

release_notes/ocp_3_7_release_notes.adoc

@@ -1421,7 +1421,7 @@ Linux Atomic Host version 7.4.2.1 or newer.
 Starting with 3.7 versions of the installer, if you configured AWS provider
 credentials, you must also ensure that all instances are labeled. Then, set the
 `openshift_clusterid` variable to the cluster ID. See
-xref:../admin_guide/aws_cluster_labeling.adoc#admin-guide-aws-cluster-labeling[Labeling
+xref:../install_config/configuring_aws.adoc#aws-cluster-labeling[Labeling
 Clusters for Amazon Web Services (AWS)] for more information.
 
 [discrete]