OSDOCS-16264#adding AWS EUSC#110585
Conversation
openshift-ci
Bot
added
the
size/S
|
🤖 Thu Apr 30 15:00:14 - Prow CI generated the docs preview: |
openshift-ci
Bot
added
size/M
brendan-daly-red-hat
changed the title
brendan-daly-red-hat
force-pushed
the
OSDOCS-16264
branch
from
dc64b48 to
f55fb3e
Compare
openshift-ci
Bot
added
size/M
brendan-daly-red-hat
force-pushed
the
OSDOCS-16264
branch
10 times, most recently
from
0f6c94e to
1d9b3c9
Compare
bscott-rh
left a comment
bscott-rh
left a comment
There was a problem hiding this comment.
Nice work! I left two suggestions for combining into one section for simplicity.
| :FeatureName: European Sovereign Cloud (EUSC) region | ||
| include::snippets/technology-preview.adoc[leveloffset=+1] | ||
|
|
||
| Installing an {product-title} cluster into the {aws-short} EUSC region helps maximize the sovereignty of your data and satisfy your organization's regulatory requirements. The {aws-short} EUSC is separate and independent from other {aws-short} regions. The infrastructure is located wholly within the European Union (EU). For more information, see "Establishing a European trust service provider for the {aws-short} European Sovereign Cloud". |
There was a problem hiding this comment.
I would move this to the previous section, between lines 58 and 59.
There was a problem hiding this comment.
Applied this change.
| The following list outlines the limitations that apply to installing an {product-title} cluster into the {aws-short} EUSC region: | ||
|
|
||
| * Only one region, `eusc-de-east-1`, and two zones in that region are available. | ||
|
|
||
| * The Amazon Machine Images (AMIs) for public {op-system-first} are not yet available in the EUSC region. As a workaround, until the AMI publication for {op-system} is extended to the EUSC region, you must edit your `install-config.yaml` file to specify a custom AMI in the `amiID` field. | ||
|
|
||
| * The {aws-short} Security Token Service (STS) is not supported. | ||
|
|
||
| * Support is not yet provided for installing a cluster into a shared Virtual Private Cloud (VPC). | ||
|
|
||
| * Support is not yet provided for bringing your own encryption keys. |
There was a problem hiding this comment.
I'd move this into an [IMPORTANT] admonition in the previous section, perhaps after you list the Brandenburg region name.
There was a problem hiding this comment.
Applied this change.
brendan-daly-red-hat
force-pushed
the
OSDOCS-16264
branch
2 times, most recently
from
67e6aa5 to
f7311ff
Compare
|
@tthvo, @patrickdillon, PTAL |
| * `us-west-1` (N. California) | ||
| * `us-west-2` (Oregon) | ||
|
|
||
| [id="installation-aws-eusc_region{context}"] |
There was a problem hiding this comment.
| [id="installation-aws-eusc_region{context}"] | |
| [id="installation-aws-eusc_region_{context}"] |
There was a problem hiding this comment.
Applied this change.
| * xref:../../installing/installing_aws/ipi/installing-aws-default.adoc#installing-aws-default[Quickly install a cluster] | ||
| * xref:../../installing/installing_aws/ipi/installing-aws-customizations.adoc#installing-aws-customizations[Install a cluster with cloud customizations on installer-provisioned infrastructure] | ||
| * xref:../../installing/installing_aws/upi/installing-aws-user-infra.adoc#installing-aws-user-infra[Installing a cluster on user-provisioned infrastructure in AWS by using CloudFormation templates] | ||
| * link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html[Establishing a European trust service provider for the {aws-short} European Sovereign Cloud ({aws-short} documentation)] |
There was a problem hiding this comment.
There was a problem hiding this comment.
Removed this entry and added the correct link as a hyperlink in the module text.
| :FeatureName: European Sovereign Cloud (EUSC) region | ||
| include::snippets/technology-preview.adoc[leveloffset=+1] | ||
|
|
||
| Installing an {product-title} cluster into the {aws-short} European Sovereign Cloud (EUSC) region helps maximize the sovereignty of your data and satisfy your organization's regulatory requirements. The {aws-short} EUSC is separate and independent from other {aws-short} regions. The infrastructure is located wholly within the European Union (EU). For more information, see "Establishing a European trust service provider for the {aws-short} European Sovereign Cloud". |
There was a problem hiding this comment.
The section "Establishing a European trust service provider for the {aws-short} European Sovereign Cloud" is supposed to be a hyperlink, right? It seems to be plain text to me (i.e. no link to aws annoucement)...
|
|
||
| * The {aws-short} Security Token Service (STS) is not supported. | ||
|
|
||
| * Support is not yet provided for installing a cluster into a shared Virtual Private Cloud (VPC). |
There was a problem hiding this comment.
| * Support is not yet provided for installing a cluster into a shared Virtual Private Cloud (VPC). | |
| * Installing a cluster into a shared Virtual Private Cloud (VPC) with a cross-account private hosted zone is not yet supported. |
Installing into a shared or existing VPC is indeed supported. However, if the user chooses to utilize a private hosted zone from another account (see EP and openshift doc), this is not supported.
Sorry, if I was not clear before 😅
There was a problem hiding this comment.
Applied this change.
|
|
||
| * The Amazon Machine Images (AMIs) for public {op-system-first} are not yet available in the EUSC region. As a workaround, until the AMI publication for {op-system} is extended to the EUSC region, you must edit your `install-config.yaml` file to specify a custom AMI in the `amiID` field. | ||
|
|
||
| * The {aws-short} Security Token Service (STS) is not supported. |
There was a problem hiding this comment.
| * The {aws-short} Security Token Service (STS) is not supported. | |
| * The {aws-short} Security Token Service (STS) is not yet supported. |
For consistency with other below entries.
There was a problem hiding this comment.
Applied this change.
|
|
||
| * Support is not yet provided for installing a cluster into a shared Virtual Private Cloud (VPC). | ||
|
|
||
| * Support is not yet provided for bringing your own encryption keys. |
There was a problem hiding this comment.
| * Support is not yet provided for bringing your own encryption keys. |
Technically, it is supported. I have tested this scenario myself, but waiting on storage team to confirm storage testing.
There was a problem hiding this comment.
@tthvo as soon as I manage to get a cluster to start up I will test it and let you know, but it should work imo
There was a problem hiding this comment.
Support is not yet provided for bringing your own encryption keys.
@brendan-daly-red-hat can we remove this line as it's confirmed to be supported?
There was a problem hiding this comment.
Applied this change.
brendan-daly-red-hat
force-pushed
the
OSDOCS-16264
branch
4 times, most recently
from
46d196d to
2c6d2ca
Compare
brendan-daly-red-hat
force-pushed
the
OSDOCS-16264
branch
from
2c6d2ca to
f3cd50f
Compare
|
@brendan-daly-red-hat: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/label merge-review-needed |
openshift-ci
Bot
added
the
merge-review-needed
|
|
||
| [IMPORTANT] | ||
| ==== | ||
|
|
| * Support is not yet provided for the {aws-short} Security Token Service (STS). | ||
|
|
||
| * Support is not yet provided for installing a cluster into a shared Virtual Private Cloud (VPC) with a cross-account private hosted zone. | ||
|
|
There was a problem hiding this comment.
not a merge blocker, but i have no idea if dita will trip on extraneous line spaces in admonitions; something to consider
ShaunaDiaz
added
branch/enterprise-4.22
and removed
merge-review-needed
|
/cherrypick enterprise-4.22 |
|
@ShaunaDiaz: new pull request created: #111231 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
8 participants
Versions:
4.22+
Issue:
https://redhat.atlassian.net/browse/OSDOCS-16264
Link to docs preview:
QE review:
Additional information: