From f8ff8f1f72cbef0123bc61da96e31f4f559af23a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E2=80=9CShauna=20Diaz=E2=80=9D?= Date: Mon, 22 Sep 2025 08:19:24 -0400 Subject: [PATCH] OSDOCS-14980-418: manual CP --- _topic_maps/_topic_map_ms.yml | 23 ++++++---- .../microshift-cli-tools-introduction.adoc | 8 ++-- .../microshift-config-snippets.adoc | 2 + .../microshift-default-config-yaml.adoc | 6 +-- .../microshift-ingress-controller.adoc | 1 - ...=> microshift-node-access-kubeconfig.adoc} | 14 +++--- .../microshift_auth_security/_attributes | 1 + .../microshift_auth_security/images | 1 + .../microshift-audit-logs-config.adoc | 0 .../microshift-custom-ca.adoc | 0 .../microshift_auth_security/modules | 1 + .../microshift_auth_security/snippets | 1 + .../microshift-access-node.adoc | 24 +++++++++++ .../microshift-install-rpm.adoc | 43 ++++--------------- .../microshift-stop-start.adoc | 13 ++++++ .../microshift-uninstall-rpm.adoc | 2 +- ...shift-embed-in-rpm-ostree-offline-use.adoc | 2 +- .../microshift-embed-in-rpm-ostree.adoc | 10 ++--- .../microshift-authentication.adoc | 4 +- ...=> microshift-accessing-node-locally.adoc} | 8 ++-- ...roshift-accessing-node-open-firewall.adoc} | 11 +++-- ...> microshift-accessing-node-remotely.adoc} | 22 ++++------ modules/microshift-accessing.adoc | 12 +++--- ...beconfig-generating-additional-files.adoc} | 4 +- .../microshift-kubeconfig-local-access.adoc | 4 +- modules/microshift-kubeconfig-overview.adoc | 10 ++--- modules/microshift-kubeconfig-remote-con.adoc | 6 +-- 27 files changed, 122 insertions(+), 111 deletions(-) rename microshift_configuring/{microshift-cluster-access-kubeconfig.adoc => microshift-node-access-kubeconfig.adoc} (57%) create mode 120000 microshift_configuring/microshift_auth_security/_attributes create mode 120000 microshift_configuring/microshift_auth_security/images rename microshift_configuring/{ => microshift_auth_security}/microshift-audit-logs-config.adoc (100%) rename microshift_configuring/{ => microshift_auth_security}/microshift-custom-ca.adoc (100%) create mode 120000 microshift_configuring/microshift_auth_security/modules create mode 120000 microshift_configuring/microshift_auth_security/snippets create mode 100644 microshift_install_rpm/microshift-access-node.adoc create mode 100644 microshift_install_rpm/microshift-stop-start.adoc rename modules/{microshift-accessing-cluster-locally.adoc => microshift-accessing-node-locally.adoc} (77%) rename modules/{microshift-accessing-cluster-open-firewall.adoc => microshift-accessing-node-open-firewall.adoc} (77%) rename modules/{microshift-accessing-cluster-remotely.adoc => microshift-accessing-node-remotely.adoc} (64%) rename modules/{microshift-kubeconfig-generating-remote-kcfiles.adoc => microshift-kubeconfig-generating-additional-files.adoc} (95%) diff --git a/_topic_maps/_topic_map_ms.yml b/_topic_maps/_topic_map_ms.yml index 8897bfe381a3..210ce6def4be 100644 --- a/_topic_maps/_topic_map_ms.yml +++ b/_topic_maps/_topic_map_ms.yml @@ -55,6 +55,10 @@ Distros: microshift Topics: - Name: Installing with an RPM package File: microshift-install-rpm +- Name: Stopping and starting MicroShift + File: microshift-stop-start +- Name: Accessing the MicroShift node with oc + File: microshift-access-node - Name: Uninstalling MicroShift File: microshift-uninstall-rpm --- @@ -132,16 +136,19 @@ Topics: File: microshift-nw-ipv6-config - Name: Using ingress control for a MicroShift cluster File: microshift-ingress-controller -- Name: Cluster access with kubeconfig files - File: microshift-cluster-access-kubeconfig -- Name: Using custom certificate authorities - File: microshift-custom-ca -- Name: Checking the status of greenboot health checks - File: microshift-greenboot-checking-status -- Name: Configuring audit logging policies - File: microshift-audit-logs-config - Name: Disabling LVMS CSI provider and CSI snapshot File: microshift-disable-lvms-csi-provider-csi-snapshot +- Name: Checking the status of greenboot health checks + File: microshift-greenboot-checking-status +- Name: Node access with kubeconfig files + File: microshift-node-access-kubeconfig +- Name: Configuring MicroShift authentication and security + Dir: microshift_auth_security + Topics: + - Name: Using custom certificate authorities + File: microshift-custom-ca + - Name: Configuring audit logging policies + File: microshift-audit-logs-config - Name: Configuring low latency Dir: microshift_low_latency Topics: diff --git a/microshift_cli_ref/microshift-cli-tools-introduction.adoc b/microshift_cli_ref/microshift-cli-tools-introduction.adoc index 9674accaea76..294ec73d3e77 100644 --- a/microshift_cli_ref/microshift-cli-tools-introduction.adoc +++ b/microshift_cli_ref/microshift-cli-tools-introduction.adoc @@ -6,7 +6,7 @@ include::_attributes/attributes-microshift.adoc[] toc::[] -You can use different command-line interface (CLI) tools to build, deploy, and manage a {microshift-short} cluster and workloads. With CLI tools, you can complete various administration and development operations from the terminal to manage deployments and interact with each component of the system. +You can use different command-line interface (CLI) tools to build, deploy, and manage a {microshift-short} node and workloads. With CLI tools, you can complete various administration and development operations from the terminal to manage deployments and interact with each component of the system. CLI tools available for use with {microshift-short} are the following: @@ -16,14 +16,12 @@ CLI tools available for use with {microshift-short} are the following: [NOTE] ==== -Commands for multi-node deployments, projects, and developer tooling are not supported by {product-title}. +Commands for multi-node deployments, projects, and developer tools are not supported by {microshift-short}. ==== -[role="_additional-resources"] [id="additional-resources_microshift-cli-tools"] +[role="_additional-resources"] == Additional resources * xref:..//microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Getting started with the OpenShift CLI] * link:https://docs.redhat.com/en/documentation/openshift_container_platform/{ocp-version}/html/cli_tools/openshift-cli-oc#cli-about-cli_cli-developer-commands[About the OpenShift CLI] ({OCP} documentation) -* link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9[{op-system-base-full} documentation for specific use cases] -* xref:../microshift_configuring/microshift-cluster-access-kubeconfig.adoc#microshift-kubeconfig[Cluster access with kubeconfig] \ No newline at end of file diff --git a/microshift_configuring/microshift-config-snippets.adoc b/microshift_configuring/microshift-config-snippets.adoc index 17520c76e953..b2340f12d2c9 100644 --- a/microshift_configuring/microshift-config-snippets.adoc +++ b/microshift_configuring/microshift-config-snippets.adoc @@ -4,6 +4,8 @@ include::_attributes/attributes-microshift.adoc[] = Using {microshift-short} configuration snippets :context: microshift-config-snippets +toc::[] + If you want to configure one or two settings, use the `/etc/microshift/config.d/` configuration directory to drop in configuration snippet YAML files. include::modules/microshift-how-config-snippets-work.adoc[leveloffset=+1] diff --git a/microshift_configuring/microshift-default-config-yaml.adoc b/microshift_configuring/microshift-default-config-yaml.adoc index b4b2f8ae7694..e7abaf6aca6f 100644 --- a/microshift_configuring/microshift-default-config-yaml.adoc +++ b/microshift_configuring/microshift-default-config-yaml.adoc @@ -16,8 +16,8 @@ include::modules/microshift-config-yaml.adoc[leveloffset=+1] include::modules/microshift-default-settings.adoc[leveloffset=+2] -//[id="additional-resources_microshift-using-config-yaml_{context}"] -//[role="_additional-resources"] -//== Additional resources +[id="additional-resources_microshift-using-config-yaml_{context}"] +[role="_additional-resources"] +== Additional resources //* xref:../microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] diff --git a/microshift_configuring/microshift-ingress-controller.adoc b/microshift_configuring/microshift-ingress-controller.adoc index 318952d11ec1..2c406213d0eb 100644 --- a/microshift_configuring/microshift-ingress-controller.adoc +++ b/microshift_configuring/microshift-ingress-controller.adoc @@ -17,5 +17,4 @@ include::modules/microshift-ingress-controller-config.adoc[leveloffset=+1] == Additional resources //* xref:../microshift_configuring/microshift-config-snippets.adoc#microshift-config-snippets[Using configuration snippets] - * link:https://docs.openshift.com/container-platform/4.17/networking/networking_operators/ingress-operator.html#nw-http2-haproxy_configuring-ingress[Enabling HTTP/2 Ingress connectivity] (OpenShift Container Platform documentation) diff --git a/microshift_configuring/microshift-cluster-access-kubeconfig.adoc b/microshift_configuring/microshift-node-access-kubeconfig.adoc similarity index 57% rename from microshift_configuring/microshift-cluster-access-kubeconfig.adoc rename to microshift_configuring/microshift-node-access-kubeconfig.adoc index 77715abac87e..4417d08d6b88 100644 --- a/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +++ b/microshift_configuring/microshift-node-access-kubeconfig.adoc @@ -1,8 +1,8 @@ :_mod-docs-content-type: ASSEMBLY -[id="microshift-kubeconfig"] -= Cluster access with kubeconfig files +[id="microshift-node-access-kubeconfig"] += Node access with kubeconfig files include::_attributes/attributes-microshift.adoc[] -:context: microshift-kubeconfig +:context: microshift-node-access-kubeconfig toc::[] @@ -12,12 +12,12 @@ include::modules/microshift-kubeconfig-overview.adoc[leveloffset=+1] include::modules/microshift-kubeconfig-local-access.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] include::modules/microshift-kubeconfig-remote-con.adoc[leveloffset=+1] -include::modules/microshift-kubeconfig-generating-remote-kcfiles.adoc[leveloffset=+1] +include::modules/microshift-kubeconfig-generating-additional-files.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] \ No newline at end of file +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] \ No newline at end of file diff --git a/microshift_configuring/microshift_auth_security/_attributes b/microshift_configuring/microshift_auth_security/_attributes new file mode 120000 index 000000000000..20cc1dcb77bf --- /dev/null +++ b/microshift_configuring/microshift_auth_security/_attributes @@ -0,0 +1 @@ +../../_attributes/ \ No newline at end of file diff --git a/microshift_configuring/microshift_auth_security/images b/microshift_configuring/microshift_auth_security/images new file mode 120000 index 000000000000..847b03ed0541 --- /dev/null +++ b/microshift_configuring/microshift_auth_security/images @@ -0,0 +1 @@ +../../images/ \ No newline at end of file diff --git a/microshift_configuring/microshift-audit-logs-config.adoc b/microshift_configuring/microshift_auth_security/microshift-audit-logs-config.adoc similarity index 100% rename from microshift_configuring/microshift-audit-logs-config.adoc rename to microshift_configuring/microshift_auth_security/microshift-audit-logs-config.adoc diff --git a/microshift_configuring/microshift-custom-ca.adoc b/microshift_configuring/microshift_auth_security/microshift-custom-ca.adoc similarity index 100% rename from microshift_configuring/microshift-custom-ca.adoc rename to microshift_configuring/microshift_auth_security/microshift-custom-ca.adoc diff --git a/microshift_configuring/microshift_auth_security/modules b/microshift_configuring/microshift_auth_security/modules new file mode 120000 index 000000000000..36719b9de743 --- /dev/null +++ b/microshift_configuring/microshift_auth_security/modules @@ -0,0 +1 @@ +../../modules/ \ No newline at end of file diff --git a/microshift_configuring/microshift_auth_security/snippets b/microshift_configuring/microshift_auth_security/snippets new file mode 120000 index 000000000000..5a3f5add140e --- /dev/null +++ b/microshift_configuring/microshift_auth_security/snippets @@ -0,0 +1 @@ +../../snippets/ \ No newline at end of file diff --git a/microshift_install_rpm/microshift-access-node.adoc b/microshift_install_rpm/microshift-access-node.adoc new file mode 100644 index 000000000000..43137c555f85 --- /dev/null +++ b/microshift_install_rpm/microshift-access-node.adoc @@ -0,0 +1,24 @@ +:_mod-docs-content-type: ASSEMBLY +[id="microshift-access-node"] +include::_attributes/attributes-microshift.adoc[] += Accessing the {microshift-short} node with oc +:context: microshift-access-node + +toc::[] + +Access a {microshift-short} node by using the {oc-first}. + +include::modules/microshift-accessing.adoc[leveloffset=+1] + +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] + +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] + +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] + +[id="additional-resources_microshift-access-node"] +[role="_additional-resources"] +== Additional resources + +* xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Installing the OpenShift CLI tool] +* xref:../microshift_configuring/microshift-node-access-kubeconfig.adoc#microshift-node-access-kubeconfig[Node access with kubeconfig files] diff --git a/microshift_install_rpm/microshift-install-rpm.adoc b/microshift_install_rpm/microshift-install-rpm.adoc index de0413a80e30..5654c0035a51 100644 --- a/microshift_install_rpm/microshift-install-rpm.adoc +++ b/microshift_install_rpm/microshift-install-rpm.adoc @@ -10,43 +10,16 @@ You can install {microshift-short} from an RPM package on a machine with a suppo include::modules/microshift-install-rpm-before.adoc[leveloffset=+1] -//additional resources for install rpm before module -[role="_additional-resources"] -.Additional resources -* xref:../microshift_install_get_ready/microshift-fips.adoc#microshift-fips[Using FIPS mode with {microshift-short}] - include::modules/microshift-install-rpm-preparing.adoc[leveloffset=+1] -//additional resources for install rpm prep module -[role="_additional-resources"] -.Additional resources -* Download the link:https://console.redhat.com/openshift/install/pull-secret[pull secret] from the Red Hat Hybrid Cloud Console -//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] -* For more options on partition configuration, read link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/performing_a_standard_rhel_9_installation/index#manual-partitioning_graphical-installation[Configuring Manual Partitioning] -* For more information about resizing your existing LVs to free up capacity in your VGs, read link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/configuring_and_managing_logical_volumes/index#managing-lvm-volume-groups_configuring-and-managing-logical-volumes[Managing LVM Volume Groups]. -* For more information about creating VGs and PVs, read link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_logical_volumes/overview-of-logical-volume-management_configuring-and-managing-logical-volumes[Overview of logical volume management] - include::modules/microshift-install-rpms.adoc[leveloffset=+1] -[id="microshift-starting-and-stopping"] -== Starting and stopping {microshift-short} - -After installing all of the RPM packages you need, learn to start and stop the {microshift-short} service. - -include::modules/microshift-service-starting.adoc[leveloffset=+2] - -include::modules/microshift-service-stopping.adoc[leveloffset=+2] - -include::modules/microshift-accessing.adoc[leveloffset=+1] - -//additional resources for accessing module +[id="additional-resources_microshift-install-rpm"] [role="_additional-resources"] -.Additional resources - -* xref:../microshift_cli_ref/microshift-oc-cli-install.adoc#microshift-oc-cli-install[Installing the OpenShift CLI tool] - -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] - -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] - -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] \ No newline at end of file +== Additional resources +* xref:../microshift_install_get_ready/microshift-fips.adoc#microshift-fips[Using FIPS mode with {microshift-short}] +* Download the link:https://console.redhat.com/openshift/install/pull-secret[pull secret] from the Red Hat Hybrid Cloud Console +//* xref:../microshift_configuring/microshift-using-config-yaml.adoc#microshift-using-config-yaml[Customizing {microshift-short} by using the configuration file] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/interactively_installing_rhel_over_the_network/customizing-the-system-in-the-installer_rhel-installer#manual-partitioning_customizing-the-system-in-the-installer[Configuring manual partitioning] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/configuring_and_managing_logical_volumes/overview-of-logical-volume-management_configuring-and-managing-logical-volumes[Overview of logical volume management] +* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/configuring_and_managing_logical_volumes/index#managing-lvm-volume-groups_configuring-and-managing-logical-volumes[Managing LVM Volume Groups] diff --git a/microshift_install_rpm/microshift-stop-start.adoc b/microshift_install_rpm/microshift-stop-start.adoc new file mode 100644 index 000000000000..6269d6805189 --- /dev/null +++ b/microshift_install_rpm/microshift-stop-start.adoc @@ -0,0 +1,13 @@ +:_mod-docs-content-type: ASSEMBLY +[id="microshift-stop-start"] +include::_attributes/attributes-microshift.adoc[] += Stopping and starting {microshift-short} +:context: microshift-stop-start + +toc::[] + +You can stop or start {microshift-short} for a variety of reasons, including a fresh installation, adding optional RPM packages, and troubleshooting. + +include::modules/microshift-service-starting.adoc[leveloffset=+1] + +include::modules/microshift-service-stopping.adoc[leveloffset=+1] diff --git a/microshift_install_rpm/microshift-uninstall-rpm.adoc b/microshift_install_rpm/microshift-uninstall-rpm.adoc index 5f8729020c19..a4400022daee 100644 --- a/microshift_install_rpm/microshift-uninstall-rpm.adoc +++ b/microshift_install_rpm/microshift-uninstall-rpm.adoc @@ -8,4 +8,4 @@ toc::[] Before you uninstall {microshift-short}, clean up all the {microshift-short} data and configuration by running the `microshift-cleanup-data` script. -include::modules/microshift-uninstall-microshift-rpms.adoc[leveloffset=+1] \ No newline at end of file +include::modules/microshift-uninstall-microshift-rpms.adoc[leveloffset=+1] diff --git a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc index 5a95bfa01a08..c214e79eb8d3 100644 --- a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc +++ b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree-offline-use.adoc @@ -18,7 +18,7 @@ include::modules/microshift-adding-service-to-blueprint.adoc[leveloffset=+2] include::modules/microshift-creating-ostree-iso.adoc[leveloffset=+2] -[id="additional-resources_microshift-embed-microshift-offline-deployments_{context}"] +[id="additional-resources_microshift-embed-microshift-offline-deployments"] [role="_additional-resources"] == Additional resources diff --git a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc index f474ed5b525f..c541bca7bb4f 100644 --- a/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc +++ b/microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc @@ -67,12 +67,8 @@ include::modules/microshift-embed-kickstart-in-iso.adoc[leveloffset=+2] include::modules/microshift-accessing.adoc[leveloffset=+1] -include::modules/microshift-accessing-cluster-locally.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-locally.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-open-firewall.adoc[leveloffset=+2] +include::modules/microshift-accessing-node-open-firewall.adoc[leveloffset=+2] -include::modules/microshift-accessing-cluster-remotely.adoc[leveloffset=+2] - -[role="_additional-resources"] -.Additional resources -* xref:../microshift_configuring/microshift-cluster-access-kubeconfig.adoc#microshift-kubeconfig-generating-remote-kcfiles_microshift-cluster-access-kubeconfig[Generating additional kubeconfig files for remote access] \ No newline at end of file +include::modules/microshift-accessing-node-remotely.adoc[leveloffset=+2] diff --git a/microshift_running_apps/microshift-authentication.adoc b/microshift_running_apps/microshift-authentication.adoc index 831e54764a28..34f3f260f6c6 100644 --- a/microshift_running_apps/microshift-authentication.adoc +++ b/microshift_running_apps/microshift-authentication.adoc @@ -1,12 +1,12 @@ :_mod-docs-content-type: ASSEMBLY [id="authentication-with-microshift"] -= Pod security authentication and authorization += Pod security authentication and authorization with SCC include::_attributes/attributes-microshift.adoc[] :context: authentication-microshift toc::[] -Pod security admission is an implementation of the link:https://kubernetes.io/docs/concepts/security/pod-security-standards/[Kubernetes pod security standards]. Use pod security admission to restrict the behavior of pods. +Pod security admission is an implementation of the link:https://kubernetes.io/docs/concepts/security/pod-security-standards/[Kubernetes pod security standards]. Use security content constraints (SCC) for pod security admission to restrict pod behavior. include::modules/microshift-security-context-constraints.adoc[leveloffset=+1] diff --git a/modules/microshift-accessing-cluster-locally.adoc b/modules/microshift-accessing-node-locally.adoc similarity index 77% rename from modules/microshift-accessing-cluster-locally.adoc rename to modules/microshift-accessing-node-locally.adoc index 46f683f394a5..d8ea940c85d8 100644 --- a/modules/microshift-accessing-cluster-locally.adoc +++ b/modules/microshift-accessing-node-locally.adoc @@ -2,13 +2,13 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="accessing-microshift-cluster-locally_{context}"] -= Accessing the {microshift-short} cluster locally +[id="accessing-microshift-node-locally_{context}"] += Accessing the {microshift-short} node locally -Use the following procedure to access the {microshift-short} cluster locally by using a `kubeconfig` file. +Use the following procedure to access the {microshift-short} node locally by using a `kubeconfig` file. .Prerequisites diff --git a/modules/microshift-accessing-cluster-open-firewall.adoc b/modules/microshift-accessing-node-open-firewall.adoc similarity index 77% rename from modules/microshift-accessing-cluster-open-firewall.adoc rename to modules/microshift-accessing-node-open-firewall.adoc index 24f20068e8d5..88805a54b60b 100644 --- a/modules/microshift-accessing-cluster-open-firewall.adoc +++ b/modules/microshift-accessing-node-open-firewall.adoc @@ -2,20 +2,19 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="microshift-accessing-cluster-open-firewall_{context}"] -= Opening the firewall for remote access to the {microshift-short} cluster +[id="microshift-accessing-node-open-firewall_{context}"] += Opening the firewall for remote access to the {microshift-short} node -Use the following procedure to open the firewall so that a remote user can access the {microshift-short} cluster. This procedure must be completed before a workstation user can access the cluster remotely. +Use the following procedure to open the firewall so that a remote user can access the {microshift-short} service. You must complete this procedure before a workstation user can access the node remotely. For this procedure, `user@microshift` is the user on the {microshift-short} host machine and is responsible for setting up that machine so that it can be accessed by a remote user on a separate workstation. .Prerequisites -* You have installed the `oc` binary. - +* You installed {oc-first}. * Your account has cluster administration privileges. .Procedure diff --git a/modules/microshift-accessing-cluster-remotely.adoc b/modules/microshift-accessing-node-remotely.adoc similarity index 64% rename from modules/microshift-accessing-cluster-remotely.adoc rename to modules/microshift-accessing-node-remotely.adoc index 3848f2dda6eb..4d672e7e7343 100644 --- a/modules/microshift-accessing-cluster-remotely.adoc +++ b/modules/microshift-accessing-node-remotely.adoc @@ -2,21 +2,21 @@ // // microshift_install_rpm/microshift-install-rpm.adoc // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc -// microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// microshift_configuring/microshift-access-node-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="accessing-microshift-cluster-remotely_{context}"] -= Accessing the {microshift-short} cluster remotely +[id="accessing-microshift-node-remotely_{context}"] += Accessing the {microshift-short} node remotely -Use the following procedure to access the {microshift-short} cluster from a remote location by using a `kubeconfig` file. +Use the following procedure to access the {microshift-short} service from a remote location by using a `kubeconfig` file. The `user@workstation` login is used to access the host machine remotely. The `` value in the procedure is the name of the user that `user@workstation` logs in with to the {microshift-short} host. .Prerequisites -* You have installed the `oc` binary. - +* You installed {oc-first}. * The `user@microshift` has opened the firewall from the local host. +* You generated additional `kubeconfig` files. .Procedure @@ -34,17 +34,13 @@ The `user@workstation` login is used to access the host machine remotely. The `< [user@workstation]$ MICROSHIFT_MACHINE= ---- -. As `user@workstation`, copy the generated `kubeconfig` file that contains the host name or IP address you want to connect with from the {op-system-base} machine running {microshift-short} to your local machine by running the following command: +. As `user@workstation`, copy the generated `kubeconfig` file that contains the hostname or IP address you want to connect to from the {op-system-base} machine running {microshift-short} to your local machine by running the following command: + [source,terminal] ---- -[user@workstation]$ ssh @$MICROSHIFT_MACHINE "sudo cat /var/lib/microshift/resources/kubeadmin/$MICROSHIFT_MACHINE/kubeconfig" > ~/.kube/config +[user@workstation]$ ssh @$MICROSHIFT_MACHINE "sudo cat /var/lib/microshift/resources/kubeadmin/$MICROSHIFT_MACHINE/kubeconfig" > ~/.kube/config <1> ---- -+ -[NOTE] -==== -To generate the `kubeconfig` files for this step, see link:https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/{product-version}/html/configuring/microshift-kubeconfig#generating-additional-kubeconfig-files_microshift-kubeconfig[Generating additional kubeconfig files for remote access]. -==== +<1> Replace __ with your SSH login credentials. . As `user@workstation`, update the permissions on your `~/.kube/config` file by running the following command: + diff --git a/modules/microshift-accessing.adoc b/modules/microshift-accessing.adoc index 6cb48d6bc401..4eec7890718a 100644 --- a/modules/microshift-accessing.adoc +++ b/modules/microshift-accessing.adoc @@ -4,11 +4,11 @@ // microshift_install_rpm_ostree/microshift-embed-in-rpm-ostree.adoc :_mod-docs-content-type: CONCEPT -[id="accessing-microshift-cluster_{context}"] -= How to access the {microshift-short} cluster +[id="accessing-microshift-node_{context}"] += How to access the {microshift-short} node -Use the procedures in this section to access the {microshift-short} cluster by using the {oc-first}. +Access the {microshift-short} service by using the {oc-first}. -* You can access the cluster from either the same machine running the {microshift-short} service or from a remote location. -* You can use this access to observe and administrate workloads. -* When using the following steps, choose the `kubeconfig` file that contains the host name or IP address you want to connect to and place it in the relevant directory. +* You can access the node from either the same machine running the {microshift-short} service or from a remote location. +* You can use this access to observe and administer workloads. +* When using the following steps, choose the `kubeconfig` file that contains the hostname or IP address you want to connect to and place it in the relevant directory. diff --git a/modules/microshift-kubeconfig-generating-remote-kcfiles.adoc b/modules/microshift-kubeconfig-generating-additional-files.adoc similarity index 95% rename from modules/microshift-kubeconfig-generating-remote-kcfiles.adoc rename to modules/microshift-kubeconfig-generating-additional-files.adoc index 68597b34200e..af9f512aff58 100644 --- a/modules/microshift-kubeconfig-generating-remote-kcfiles.adoc +++ b/modules/microshift-kubeconfig-generating-additional-files.adoc @@ -1,9 +1,9 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: PROCEDURE -[id="generating-additional-kubeconfig-files_{context}"] +[id="microshift-kubeconfig-generating-additional-files_{context}"] = Generating additional kubeconfig files for remote access You can generate additional `kubeconfig` files to use if you need more host names or IP addresses than the default remote access file provides. diff --git a/modules/microshift-kubeconfig-local-access.adoc b/modules/microshift-kubeconfig-local-access.adoc index b559a3168f83..c60cfa37538c 100644 --- a/modules/microshift-kubeconfig-local-access.adoc +++ b/modules/microshift-kubeconfig-local-access.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="microshift-kubeconfig-local-access_{context}"] = Local access kubeconfig file -The local access `kubeconfig` file is written to `/var/lib/microshift/resources/kubeadmin/kubeconfig`. This `kubeconfig` file provides access to the API server using `localhost`. Choose this file when you are connecting the cluster locally. +The local access `kubeconfig` file is written to `/var/lib/microshift/resources/kubeadmin/kubeconfig`. This `kubeconfig` file provides access to the API server by using `localhost`. Choose this file when you are connecting the cluster locally. .Example contents of `kubeconfig` for local access [source,yaml] diff --git a/modules/microshift-kubeconfig-overview.adoc b/modules/microshift-kubeconfig-overview.adoc index fe992ba6c364..2d4112ed4d2f 100644 --- a/modules/microshift-kubeconfig-overview.adoc +++ b/modules/microshift-kubeconfig-overview.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="kubeconfig-files-overview_{context}"] = Kubeconfig files for configuring cluster access -The two categories of `kubeconfig` files used in {microshift-short} are local access and remote access. Every time {microshift-short} starts, a set of `kubeconfig` files for local and remote access to the API server are generated. These files are generated in the `/var/lib/microshift/resources/kubeadmin/` directory using preexisting configuration information. +The two categories of `kubeconfig` files used in {microshift-short} are local access and remote access. Every time {microshift-short} starts, a set of `kubeconfig` files for local and remote access to the API server are generated. These files are generated in the `/var/lib/microshift/resources/kubeadmin/` directory by using preexisting configuration information. Each access type requires a different authentication certificate signed by different Certificate Authorities (CAs). The generation of multiple `kubeconfig` files accommodates this need. @@ -14,7 +14,7 @@ You can use the appropriate `kubeconfig` file for the access type needed in each [NOTE] ==== -A `kubeconfig` file must exist for the cluster to be accessible. The values are applied from built-in default values or a `config.yaml`, if one was created. +A `kubeconfig` file must exist for the cluster to be accessible. The values are applied from built-in default values or a customized `config.yaml` file. ==== .Example contents of the kubeconfig files @@ -29,7 +29,7 @@ A `kubeconfig` file must exist for the cluster to be accessible. The values are └── microshift-rhel9 <4> └── kubeconfig ---- -<1> Local host name. The main IP address of the host is always the default. +<1> Local hostname. The main IP address of the host is always the default. <2> Subject Alternative Names for API server certificates. <3> DNS name. -<4> {microshift-short} host name. +<4> {microshift-short} hostname. diff --git a/modules/microshift-kubeconfig-remote-con.adoc b/modules/microshift-kubeconfig-remote-con.adoc index 4dabe5442df5..5f9a0dfbb3df 100644 --- a/modules/microshift-kubeconfig-remote-con.adoc +++ b/modules/microshift-kubeconfig-remote-con.adoc @@ -1,12 +1,12 @@ // Module included in the following assemblies: // -// * microshift/microshift_configuring/microshift-cluster-access-kubeconfig.adoc +// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc :_mod-docs-content-type: CONCEPT [id="remote-access-con_{context}"] = Remote access kubeconfig files -When a {microshift-short} cluster connects to the API server from an external source, a certificate with all of the alternative names in the SAN field is used for validation. {microshift-short} generates a default `kubeconfig` for external access using the `hostname` value. The defaults are set in the ``, `` and `api.` parameter values of the default `kubeconfig` file. +When a {microshift-short} node connects to the API server from an external source, a certificate with all of the alternative names in the SAN field is used for validation. {microshift-short} generates a default `kubeconfig` for external access by using the `hostname` value. The defaults are set in the ``, `` and `api.` parameter values of the default `kubeconfig` file. The `/var/lib/microshift/resources/kubeadmin//kubeconfig` file uses the `hostname` of the machine, or `node.hostnameOverride` if that option is set, to reach the API server. The CA of the `kubeconfig` file is able to validate certificates when accessed externally. @@ -22,4 +22,4 @@ clusters: //line space was not showing on PV1 preview, so added extra blank line [id="remote-access-customization_{context}"] == Remote access customization -Multiple remote access `kubeconfig` file values can be generated for accessing the cluster with different IP addresses or host names. An additional `kubeconfig` file generates for each entry in the `apiServer.subjectAltNames` parameter. You can copy remote access `kubeconfig` files from the host during times of IP connectivity and then use them to access the API server from other workstations. +Multiple remote access `kubeconfig` file values can be generated for accessing the node with different IP addresses or host names. An additional `kubeconfig` file generates for each entry in the `apiServer.subjectAltNames` parameter. You can copy remote access `kubeconfig` files from the host during times of IP connectivity and then use them to access the API server from other workstations.