From 2ababe7918358275e072c90f58a53de6a667892d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9CShauna=20Diaz=E2=80=9D?= Date: Mon, 22 Sep 2025 08:19:24 -0400 Subject: [PATCH] OSDOCS-14980: create stop-start-access assemblies MicroShift --- _topic_maps/_topic_map_ms.yml | 8 +++- .../microshift-cli-tools-introduction.adoc | 8 ++-- .../microshift-config-snippets.adoc | 2 + .../microshift-default-config-yaml.adoc | 6 +-- .../microshift-ingress-controller.adoc | 2 - ...=> microshift-node-access-kubeconfig.adoc} | 14 +++--- .../microshift-tls-config.adoc | 9 ++-- .../microshift-access-node.adoc | 24 +++++++++++ .../microshift-install-rpm.adoc | 43 ++++--------------- .../microshift-stop-start.adoc | 13 ++++++ .../microshift-uninstall-rpm.adoc | 2 +- ...shift-embed-in-rpm-ostree-offline-use.adoc | 2 +- .../microshift-embed-in-rpm-ostree.adoc | 10 ++--- .../microshift-authentication.adoc | 4 +- ...=> microshift-accessing-node-locally.adoc} | 8 ++-- ...roshift-accessing-node-open-firewall.adoc} | 9 ++-- ...> microshift-accessing-node-remotely.adoc} | 19 +++----- modules/microshift-accessing.adoc | 12 +++--- ...beconfig-generating-additional-files.adoc} | 4 +- .../microshift-kubeconfig-local-access.adoc | 4 +- modules/microshift-kubeconfig-overview.adoc | 10 ++--- modules/microshift-kubeconfig-remote-con.adoc | 6 +-- 22 files changed, 108 insertions(+), 111 deletions(-) rename microshift_configuring/{microshift-cluster-access-kubeconfig.adoc => microshift-node-access-kubeconfig.adoc} (57%) create mode 100644 microshift_install_rpm/microshift-access-node.adoc create mode 100644 microshift_install_rpm/microshift-stop-start.adoc rename modules/{microshift-accessing-cluster-locally.adoc => microshift-accessing-node-locally.adoc} (77%) rename modules/{microshift-accessing-cluster-open-firewall.adoc => microshift-accessing-node-open-firewall.adoc} (80%) rename modules/{microshift-accessing-cluster-remotely.adoc => microshift-accessing-node-remotely.adoc} (69%) rename modules/{microshift-kubeconfig-generating-remote-kcfiles.adoc => microshift-kubeconfig-generating-additional-files.adoc} (95%) diff --git a/_topic_maps/_topic_map_ms.yml b/_topic_maps/_topic_map_ms.yml index 5eb75850d220..cdd9246e62df 100644 --- a/_topic_maps/_topic_map_ms.yml +++ b/_topic_maps/_topic_map_ms.yml @@ -55,6 +55,10 @@ Distros: microshift Topics: - Name: Installing with an RPM package File: microshift-install-rpm +- Name: Stopping and starting MicroShift + File: microshift-stop-start +- Name: Accessing the MicroShift node with oc + File: microshift-access-node - Name: Uninstalling MicroShift File: microshift-uninstall-rpm --- @@ -127,8 +131,8 @@ Topics: File: microshift-disable-lvms-csi-provider-csi-snapshot - Name: Checking the status of greenboot health checks File: microshift-greenboot-checking-status -- Name: Cluster access with kubeconfig files - File: microshift-cluster-access-kubeconfig +- Name: Node access with kubeconfig files + File: microshift-node-access-kubeconfig - Name: Configuring MicroShift authentication and security Dir: microshift_auth_security Topics: diff --git a/microshift_cli_ref/microshift-cli-tools-introduction.adoc b/microshift_cli_ref/microshift-cli-tools-introduction.adoc index 9674accaea76..294ec73d3e77 100644 --- a/microshift_cli_ref/microshift-cli-tools-introduction.adoc +++ b/microshift_cli_ref/microshift-cli-tools-introduction.adoc @@ -6,7 +6,7 @@ include::_attributes/attributes-microshift.adoc[] toc::[] -You can use different command-line interface (CLI) tools to build, deploy, and manage a {microshift-short} cluster and workloads. With CLI tools, you can complete various administration and development operations from the terminal to manage deployments and interact with each component of the system. +You can use different command-line interface (CLI) tools to build, deploy, and manage a {microshift-short} node and workloads. With CLI tools, you can complete various administration and development operations from the terminal to manage deployments and interact with each component of the system. CLI tools available for use with {microshift-short} are the following: @@ -16,14 +16,12 @@ CLI tools available for use with {microshift-short} are the following: [NOTE] ==== -Commands for multi-node deployments, projects, and developer tooling are not supported by {product-title}. +Commands for multi-node deployments, projects, and developer tools are not supported by {microshift-short}. ==== -[role="_additional-resources"] [id="additional-resources_microshift-cli-tools"] +[role="_additional-resources"] == Additional resources * xref:..//microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Getting started with the OpenShift CLI] * link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html/cli_tools/openshift-cli-oc#cli-about-cli_cli-developer-commands[About the OpenShift CLI] ({OCP} documentation) -* link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9[{op-system-base-full} documentation for specific use cases] -* xref:../microshift_configuring/microshift-cluster-access-kubeconfig.adoc#microshift-kubeconfig[Cluster access with kubeconfig] \ No newline at end of file diff --git a/microshift_configuring/microshift-config-snippets.adoc b/microshift_configuring/microshift-config-snippets.adoc index 17520c76e953..b2340f12d2c9 100644 --- a/microshift_configuring/microshift-config-snippets.adoc +++ b/microshift_configuring/microshift-config-snippets.adoc @@ -4,6 +4,8 @@ include::_attributes/attributes-microshift.adoc[] = Using {microshift-short} configuration snippets :context: microshift-config-snippets +toc::[] + If you want to configure one or two settings, use the `/etc/microshift/config.d/` configuration directory to drop in configuration snippet YAML files. include::modules/microshift-how-config-snippets-work.adoc[leveloffset=+1] diff --git a/microshift_configuring/microshift-default-config-yaml.adoc b/microshift_configuring/microshift-default-config-yaml.adoc index b4b2f8ae7694..e7abaf6aca6f 100644 --- a/microshift_configuring/microshift-default-config-yaml.adoc +++ b/microshift_configuring/microshift-default-config-yaml.adoc @@ -16,8 +16,8 @@ include::modules/microshift-config-yaml.adoc[leveloffset=+1] include::modules/microshift-default-settings.adoc[leveloffset=+2] -//[id="additional-resources_microshift-using-config-yaml_{context}"] -//[role="_additional-resources"] -//== Additional resources +[id="additional-resources_microshift-using-config-yaml_{context}"] +[role="_additional-resources"] +== Additional resources //* xref:../microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] diff --git a/microshift_configuring/microshift-ingress-controller.adoc b/microshift_configuring/microshift-ingress-controller.adoc index bad534ffc695..1e130c056941 100644 --- a/microshift_configuring/microshift-ingress-controller.adoc +++ b/microshift_configuring/microshift-ingress-controller.adoc @@ -20,6 +20,4 @@ include::modules/microshift-ingress-controller-tls-config.adoc[leveloffset=+2] [role="_additional-resources"] == Additional resources -//* xref:../microshift_configuring/microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets] - * link:https://docs.redhat.com/container-platform/latest/networking/networking_operators/ingress-operator.html#nw-http2-haproxy_configuring-ingress[Enabling HTTP/2 Ingress connectivity] ({OCP} documentation) diff --git a/microshift_configuring/microshift-cluster-access-kubeconfig.adoc b/microshift_configuring/microshift-node-access-kubeconfig.adoc similarity index 57% rename from microshift_configuring/microshift-cluster-access-kubeconfig.adoc rename to microshift_configuring/microshift-node-access-kubeconfig.adoc index 77715abac87e..4417d08d6b88 100644 --- a/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +++ b/microshift_configuring/microshift-node-access-kubeconfig.adoc @@ -1,8 +1,8 @@ :_mod-docs-content-type: ASSEMBLY -[id="microshift-kubeconfig"] -= Cluster access with kubeconfig files +[id="microshift-node-access-kubeconfig"] += Node access with kubeconfig files include::_attributes/attributes-microshift.adoc[] -:context: microshift-kubeconfig +:context: microshift-node-access-kubeconfig toc::[] @@ -12,12 +12,12 @@ include::modules/microshift-kubeconfig-overview.adoc[leveloffset=+1] include::modules/microshift-kubeconfig-local-access.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] include::modules/microshift-kubeconfig-remote-con.adoc[leveloffset=+1] -include::modules/microshift-kubeconfig-generating-remote-kcfiles.adoc[leveloffset=+1] +include::modules/microshift-kubeconfig-generating-additional-files.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] \ No newline at end of file +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] \ No newline at end of file diff --git a/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc b/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc index cd6e75865c65..c4bedf036a5d 100644 --- a/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc +++ b/microshift_configuring/microshift_auth_security/microshift-tls-config.adoc @@ -19,9 +19,6 @@ include::modules/microshift-tls-default-cipher-suites.adoc[leveloffset=+2] == Additional resources //* xref:../microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets] - -* To secure pods using security content constraints (SCC), see xref:../../microshift_running_apps/microshift-authentication.adoc#authentication-microshift[Pod security authentication and authorization] - -* xref:../../microshift_configuring/microshift-cluster-access-kubeconfig.adoc#microshift-kubeconfig[Cluster access with kubeconfig] - -* xref:../microshift_auth_security/microshift-custom-ca.adoc#microshift-custom-ca[Configuring custom certificate authorities] \ No newline at end of file +* xref:../../microshift_running_apps/microshift-authentication.adoc#authentication-microshift[Pod security authentication and authorization with SCC] +* xref:../../microshift_configuring/microshift-node-access-kubeconfig#microshift-node-access-kubeconfig[Cluster access with kubeconfig] +* xref:../microshift_auth_security/microshift-custom-ca.adoc#microshift-custom-ca[Configuring custom certificate authorities] diff --git a/microshift_install_rpm/microshift-access-node.adoc b/microshift_install_rpm/microshift-access-node.adoc new file mode 100644 index 000000000000..43137c555f85 --- /dev/null +++ b/microshift_install_rpm/microshift-access-node.adoc @@ -0,0 +1,24 @@ +:_mod-docs-content-type: ASSEMBLY +[id="microshift-access-node"] +include::_attributes/attributes-microshift.adoc[] += Accessing the {microshift-short} node with oc +:context: microshift-access-node + +toc::[] + +Access a {microshift-short} node by using the {oc-first}. + +include::modules/microshift-accessing.adoc[leveloffset=+1] + +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] + +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] + +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] + +[id="additional-resources_microshift-access-node"] +[role="_additional-resources"] +== Additional resources + +* xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Installing the OpenShift CLI tool] +* xref:../microshift_configuring/microshift-node-access-kubeconfig.adoc#microshift-node-access-kubeconfig[Node access with kubeconfig files] diff --git a/microshift_install_rpm/microshift-install-rpm.adoc b/microshift_install_rpm/microshift-install-rpm.adoc index de0413a80e30..5654c0035a51 100644 --- a/microshift_install_rpm/microshift-install-rpm.adoc +++ b/microshift_install_rpm/microshift-install-rpm.adoc @@ -10,43 +10,16 @@ You can install {microshift-short} from an RPM package on a machine with a suppo include::modules/microshift-install-rpm-before.adoc[leveloffset=+1] -//additional resources for install rpm before module -[role="_additional-resources"] -.Additional resources -* xref:../microshift_install_get_ready/microshift-fips.adoc#microshift-fips[Using FIPS mode with {microshift-short}] - include::modules/microshift-install-rpm-preparing.adoc[leveloffset=+1] -//additional resources for install rpm prep module -[role="_additional-resources"] -.Additional resources -* Download the link:https://console.redhat.com/openshift/install/pull-secret[pull secret] from the Red Hat Hybrid Cloud Console -//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] -* For more options on partition configuration, read link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/performing_a_standard_rhel_9_installation/index#manual-partitioning_graphical-installation[Configuring Manual Partitioning] -* For more information about resizing your existing LVs to free up capacity in your VGs, read link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/configuring_and_managing_logical_volumes/index#managing-lvm-volume-groups_configuring-and-managing-logical-volumes[Managing LVM Volume Groups]. -* For more information about creating VGs and PVs, read link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_logical_volumes/overview-of-logical-volume-management_configuring-and-managing-logical-volumes[Overview of logical volume management] - include::modules/microshift-install-rpms.adoc[leveloffset=+1] -[id="microshift-starting-and-stopping"] -== Starting and stopping {microshift-short} - -After installing all of the RPM packages you need, learn to start and stop the {microshift-short} service. - -include::modules/microshift-service-starting.adoc[leveloffset=+2] - -include::modules/microshift-service-stopping.adoc[leveloffset=+2] - -include::modules/microshift-accessing.adoc[leveloffset=+1] - -//additional resources for accessing module +[id="additional-resources_microshift-install-rpm"] [role="_additional-resources"] -.Additional resources - -* xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Installing the OpenShift CLI tool] - -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] - -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] - -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] \ No newline at end of file +== Additional resources +* xref:../microshift_install_get_ready/microshift-fips.adoc#microshift-fips[Using FIPS mode with {microshift-short}] +* Download the link:https://console.redhat.com/openshift/install/pull-secret[pull secret] from the Red Hat Hybrid Cloud Console +//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/interactively_installing_rhel_over_the_network/customizing-the-system-in-the-installer_rhel-installer#manual-partitioning_customizing-the-system-in-the-installer[Configuring manual partitioning] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_logical_volumes/overview-of-logical-volume-management_configuring-and-managing-logical-volumes[Overview of logical volume management] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/configuring_and_managing_logical_volumes/index#managing-lvm-volume-groups_configuring-and-managing-logical-volumes[Managing LVM Volume Groups] diff --git a/microshift_install_rpm/microshift-stop-start.adoc b/microshift_install_rpm/microshift-stop-start.adoc new file mode 100644 index 000000000000..6269d6805189 --- /dev/null +++ b/microshift_install_rpm/microshift-stop-start.adoc @@ -0,0 +1,13 @@ +:_mod-docs-content-type: ASSEMBLY +[id="microshift-stop-start"] +include::_attributes/attributes-microshift.adoc[] += Stopping and starting {microshift-short} +:context: microshift-stop-start + +toc::[] + +You can stop or start {microshift-short} for a variety of reasons, including a fresh installation, adding optional RPM packages, and troubleshooting. + +include::modules/microshift-service-starting.adoc[leveloffset=+1] + +include::modules/microshift-service-stopping.adoc[leveloffset=+1] diff --git a/microshift_install_rpm/microshift-uninstall-rpm.adoc b/microshift_install_rpm/microshift-uninstall-rpm.adoc index 5f8729020c19..a4400022daee 100644 --- a/microshift_install_rpm/microshift-uninstall-rpm.adoc +++ b/microshift_install_rpm/microshift-uninstall-rpm.adoc @@ -8,4 +8,4 @@ toc::[] Before you uninstall {microshift-short}, clean up all the {microshift-short} data and configuration by running the `microshift-cleanup-data` script. -include::modules/microshift-uninstall-microshift-rpms.adoc[leveloffset=+1] \ No newline at end of file +include::modules/microshift-uninstall-microshift-rpms.adoc[leveloffset=+1] diff --git a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc index 5a95bfa01a08..c214e79eb8d3 100644 --- a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc +++ b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc @@ -18,7 +18,7 @@ include::modules/microshift-adding-service-to-blueprint.adoc[leveloffset=+2] include::modules/microshift-creating-ostree-iso.adoc[leveloffset=+2] -[id="additional-resources_microshift-embed-microshift-offline-deployments_{context}"] +[id="additional-resources_microshift-embed-microshift-offline-deployments"] [role="_additional-resources"] == Additional resources diff --git a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc index e7587586417b..780701bd04dd 100644 --- a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc +++ b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc @@ -67,12 +67,8 @@ include::modules/microshift-embed-kickstart-in-iso.adoc[leveloffset=+2] include::modules/microshift-accessing.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] - -[role="_additional-resources"] -.Additional resources -* xref:../microshift_configuring/microshift-cluster-access-kubeconfig.adoc#microshift-kubeconfig-generating-remote-kcfiles_microshift-cluster-access-kubeconfig[Generating additional kubeconfig files for remote access] \ No newline at end of file +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] diff --git a/microshift_running_apps/microshift-authentication.adoc b/microshift_running_apps/microshift-authentication.adoc index 831e54764a28..34f3f260f6c6 100644 --- a/microshift_running_apps/microshift-authentication.adoc +++ b/microshift_running_apps/microshift-authentication.adoc @@ -1,12 +1,12 @@ :_mod-docs-content-type: ASSEMBLY [id="authentication-with-microshift"] -= Pod security authentication and authorization += Pod security authentication and authorization with SCC include::_attributes/attributes-microshift.adoc[] :context: authentication-microshift toc::[] -Pod security admission is an implementation of the link:https://kubernetes.io/docs/concepts/security/pod-security-standards/[Kubernetes pod security standards]. Use pod security admission to restrict the behavior of pods. +Pod security admission is an implementation of the link:https://kubernetes.io/docs/concepts/security/pod-security-standards/[Kubernetes pod security standards]. Use security content constraints (SCC) for pod security admission to restrict pod behavior. include::modules/microshift-security-context-constraints.adoc[leveloffset=+1] diff --git a/modules/microshift-accessing-cluster-locally.adoc b/modules/microshift-accessing-node-locally.adoc similarity index 77% rename from modules/microshift-accessing-cluster-locally.adoc rename to modules/microshift-accessing-node-locally.adoc index 8a86286ee012..061c0da0c437 100644 --- a/modules/microshift-accessing-cluster-locally.adoc +++ b/modules/microshift-accessing-node-locally.adoc @@ -2,13 +2,13 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="accessing-microshift-cluster-locally_{context}"] -= Accessing the {microshift-short} cluster locally +[id="accessing-microshift-node-locally_{context}"] += Accessing the {microshift-short} node locally -Use the following procedure to access the {microshift-short} cluster locally by using a `kubeconfig` file. +Use the following procedure to access the {microshift-short} node locally by using a `kubeconfig` file. .Prerequisites diff --git a/modules/microshift-accessing-cluster-open-firewall.adoc b/modules/microshift-accessing-node-open-firewall.adoc similarity index 80% rename from modules/microshift-accessing-cluster-open-firewall.adoc rename to modules/microshift-accessing-node-open-firewall.adoc index a716e5b420d1..fbe994e023f2 100644 --- a/modules/microshift-accessing-cluster-open-firewall.adoc +++ b/modules/microshift-accessing-node-open-firewall.adoc @@ -2,20 +2,19 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="microshift-accessing-cluster-open-firewall_{context}"] -= Opening the firewall for remote access to the {microshift-short} cluster +[id="microshift-accessing-node-open-firewall_{context}"] += Opening the firewall for remote access to the {microshift-short} node -Use the following procedure to open the firewall so that a remote user can access the {microshift-short} cluster. This procedure must be completed before a workstation user can access the cluster remotely. +Use the following procedure to open the firewall so that a remote user can access the {microshift-short} service. You must complete this procedure before a workstation user can access the node remotely. For this procedure, `user@microshift` is the user on the {microshift-short} host machine and is responsible for setting up that machine so that it can be accessed by a remote user on a separate workstation. .Prerequisites * You installed {oc-first}. - * Your account has cluster administration privileges. .Procedure diff --git a/modules/microshift-accessing-cluster-remotely.adoc b/modules/microshift-accessing-node-remotely.adoc similarity index 69% rename from modules/microshift-accessing-cluster-remotely.adoc rename to modules/microshift-accessing-node-remotely.adoc index d0bbcdb3d79f..e366d34b0287 100644 --- a/modules/microshift-accessing-cluster-remotely.adoc +++ b/modules/microshift-accessing-node-remotely.adoc @@ -2,21 +2,21 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-access-node-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="accessing-microshift-cluster-remotely_{context}"] -= Accessing the {microshift-short} cluster remotely +[id="accessing-microshift-node-remotely_{context}"] += Accessing the {microshift-short} node remotely -Use the following procedure to access the {microshift-short} cluster from a remote location by using a `kubeconfig` file. +Use the following procedure to access the {microshift-short} service from a remote location by using a `kubeconfig` file. The `user@workstation` login is used to access the host machine remotely. The `` value in the procedure is the name of the user that `user@workstation` logs in with to the {microshift-short} host. .Prerequisites * You installed {oc-first}. - * The `user@microshift` has opened the firewall from the local host. +* You generated additional `kubeconfig` files. .Procedure @@ -35,20 +35,13 @@ The `user@workstation` login is used to access the host machine remotely. The `< ---- <1> Replace the value, _<{microshift-short}_hostname>_, with the either the name or the IP address of the host running {microshift}. -. As `user@workstation`, copy the generated `kubeconfig` file that contains the host name or IP address you want to connect with from the {op-system-base} machine running {microshift-short} to your local machine by running the following command: +. As `user@workstation`, copy the generated `kubeconfig` file that contains the hostname or IP address you want to connect to from the {op-system-base} machine running {microshift-short} to your local machine by running the following command: + [source,terminal,subs="+quotes"] ---- [user@workstation]$ ssh __@$MICROSHIFT_MACHINE "sudo cat /var/lib/microshift/resources/kubeadmin/$MICROSHIFT_MACHINE/kubeconfig" > ~/.kube/config # <1> ---- <1> Replace __ with your SSH login credentials. -+ --- -[NOTE] -==== -To generate the `kubeconfig` files for this step, see link:https://docs.redhat.com/en/documentation/red_hat_build_of_microshift/{product-version}/html/configuring/microshift-kubeconfig#generating-additional-kubeconfig-files_microshift-kubeconfig[Generating additional kubeconfig files for remote access]. -==== --- . As `user@workstation`, update the permissions on your `~/.kube/config` file by running the following command: + diff --git a/modules/microshift-accessing.adoc b/modules/microshift-accessing.adoc index 6cb48d6bc401..4eec7890718a 100644 --- a/modules/microshift-accessing.adoc +++ b/modules/microshift-accessing.adoc @@ -4,11 +4,11 @@ // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc :_mod-docs-content-type: CONCEPT -[id="accessing-microshift-cluster_{context}"] -= How to access the {microshift-short} cluster +[id="accessing-microshift-node_{context}"] += How to access the {microshift-short} node -Use the procedures in this section to access the {microshift-short} cluster by using the {oc-first}. +Access the {microshift-short} service by using the {oc-first}. -* You can access the cluster from either the same machine running the {microshift-short} service or from a remote location. -* You can use this access to observe and administrate workloads. -* When using the following steps, choose the `kubeconfig` file that contains the host name or IP address you want to connect to and place it in the relevant directory. +* You can access the node from either the same machine running the {microshift-short} service or from a remote location. +* You can use this access to observe and administer workloads. +* When using the following steps, choose the `kubeconfig` file that contains the hostname or IP address you want to connect to and place it in the relevant directory. diff --git a/modules/microshift-kubeconfig-generating-remote-kcfiles.adoc b/modules/microshift-kubeconfig-generating-additional-files.adoc similarity index 95% rename from modules/microshift-kubeconfig-generating-remote-kcfiles.adoc rename to modules/microshift-kubeconfig-generating-additional-files.adoc index 68597b34200e..af9f512aff58 100644 --- a/modules/microshift-kubeconfig-generating-remote-kcfiles.adoc +++ b/modules/microshift-kubeconfig-generating-additional-files.adoc @@ -1,9 +1,9 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="generating-additional-kubeconfig-files_{context}"] +[id="microshift-kubeconfig-generating-additional-files_{context}"] = Generating additional kubeconfig files for remote access You can generate additional `kubeconfig` files to use if you need more host names or IP addresses than the default remote access file provides. diff --git a/modules/microshift-kubeconfig-local-access.adoc b/modules/microshift-kubeconfig-local-access.adoc index b559a3168f83..c60cfa37538c 100644 --- a/modules/microshift-kubeconfig-local-access.adoc +++ b/modules/microshift-kubeconfig-local-access.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="microshift-kubeconfig-local-access_{context}"] = Local access kubeconfig file -The local access `kubeconfig` file is written to `/var/lib/microshift/resources/kubeadmin/kubeconfig`. This `kubeconfig` file provides access to the API server using `localhost`. Choose this file when you are connecting the cluster locally. +The local access `kubeconfig` file is written to `/var/lib/microshift/resources/kubeadmin/kubeconfig`. This `kubeconfig` file provides access to the API server by using `localhost`. Choose this file when you are connecting the cluster locally. .Example contents of `kubeconfig` for local access [source,yaml] diff --git a/modules/microshift-kubeconfig-overview.adoc b/modules/microshift-kubeconfig-overview.adoc index fe992ba6c364..2d4112ed4d2f 100644 --- a/modules/microshift-kubeconfig-overview.adoc +++ b/modules/microshift-kubeconfig-overview.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="kubeconfig-files-overview_{context}"] = Kubeconfig files for configuring cluster access -The two categories of `kubeconfig` files used in {microshift-short} are local access and remote access. Every time {microshift-short} starts, a set of `kubeconfig` files for local and remote access to the API server are generated. These files are generated in the `/var/lib/microshift/resources/kubeadmin/` directory using preexisting configuration information. +The two categories of `kubeconfig` files used in {microshift-short} are local access and remote access. Every time {microshift-short} starts, a set of `kubeconfig` files for local and remote access to the API server are generated. These files are generated in the `/var/lib/microshift/resources/kubeadmin/` directory by using preexisting configuration information. Each access type requires a different authentication certificate signed by different Certificate Authorities (CAs). The generation of multiple `kubeconfig` files accommodates this need. @@ -14,7 +14,7 @@ You can use the appropriate `kubeconfig` file for the access type needed in each [NOTE] ==== -A `kubeconfig` file must exist for the cluster to be accessible. The values are applied from built-in default values or a `config.yaml`, if one was created. +A `kubeconfig` file must exist for the cluster to be accessible. The values are applied from built-in default values or a customized `config.yaml` file. ==== .Example contents of the kubeconfig files @@ -29,7 +29,7 @@ A `kubeconfig` file must exist for the cluster to be accessible. The values are └── microshift-rhel9 <4> └── kubeconfig ---- -<1> Local host name. The main IP address of the host is always the default. +<1> Local hostname. The main IP address of the host is always the default. <2> Subject Alternative Names for API server certificates. <3> DNS name. -<4> {microshift-short} host name. +<4> {microshift-short} hostname. diff --git a/modules/microshift-kubeconfig-remote-con.adoc b/modules/microshift-kubeconfig-remote-con.adoc index 4dabe5442df5..5f9a0dfbb3df 100644 --- a/modules/microshift-kubeconfig-remote-con.adoc +++ b/modules/microshift-kubeconfig-remote-con.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="remote-access-con_{context}"] = Remote access kubeconfig files -When a {microshift-short} cluster connects to the API server from an external source, a certificate with all of the alternative names in the SAN field is used for validation. {microshift-short} generates a default `kubeconfig` for external access using the `hostname` value. The defaults are set in the ``, `` and `api.` parameter values of the default `kubeconfig` file. +When a {microshift-short} node connects to the API server from an external source, a certificate with all of the alternative names in the SAN field is used for validation. {microshift-short} generates a default `kubeconfig` for external access by using the `hostname` value. The defaults are set in the ``, `` and `api.` parameter values of the default `kubeconfig` file. The `/var/lib/microshift/resources/kubeadmin//kubeconfig` file uses the `hostname` of the machine, or `node.hostnameOverride` if that option is set, to reach the API server. The CA of the `kubeconfig` file is able to validate certificates when accessed externally. @@ -22,4 +22,4 @@ clusters: //line space was not showing on PV1 preview, so added extra blank line [id="remote-access-customization_{context}"] == Remote access customization -Multiple remote access `kubeconfig` file values can be generated for accessing the cluster with different IP addresses or host names. An additional `kubeconfig` file generates for each entry in the `apiServer.subjectAltNames` parameter. You can copy remote access `kubeconfig` files from the host during times of IP connectivity and then use them to access the API server from other workstations. +Multiple remote access `kubeconfig` file values can be generated for accessing the node with different IP addresses or host names. An additional `kubeconfig` file generates for each entry in the `apiServer.subjectAltNames` parameter. You can copy remote access `kubeconfig` files from the host during times of IP connectivity and then use them to access the API server from other workstations.