/red#isn/vl/systems/1 a @ _Bitshytustmesiaisnot suppetedon th generation systems ening LOM, because rei dese support |LO4 with virtual media, Redfish network boot for HPE iLO To enable Redfish, use redfish:// or redfishsntep:// to disable TLS. The installer requires both the hostname or the IP address and the path to the system ID. The following example demonstrates a Reciish configuration within the [Link] file. itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 171381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. hosts: adizeas: edt: hs ///redfish/vl/systens/1 password: \Wihile itis recommended to have a certificate of authority for the out-of-band management addresses, you must include disablecertiticateverification: True in the bac configuration if using self-signed certificates. The following example demonstrates a Redfish configuration using the disablecertificateverification: True configuration parameter within the [Link] file, openahitt-naszer-0 address: redfish:///redfish/vi/systens/1 password: disableCert:ficareVerstication: True BMC addressing for Fujitsu iRMC The acdress field for each bme entry isa URL for connecting to the OpenShift Container Platform cluster nodes, including the type (of controller in the URL scheme and its location on the network, ost: prot addcess: (1) password: 1 The address configuration setting specifies the protocol, For Fujitsu hardware, Red Hat supports integrated Remote Management Controller ()RMC) and IPM. Table & BMC address formats for Fujitsu iRMC Protocol Address Format iwc sess eout-of-bnd-tp> Pw spn//eout-of-ond-tp> inmc Fujitsu nodes can use irne:// and defaults to port 43. The following example demonstrates an iRMC configuration within the [Link] file itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 181881016/22, 259 PM host: adireas: tyne:// ‘Soting up the enviconment or an OpenShit installation - Deploying installr-provisioned clusters on bare metal Insaling | Open password: | Gere sppotsiRMC SS reve 205P and above risa osoned ration on ae metal Root device hints The rootbeviceHiints parameter enables the installer to provision the Red Hat Enterprise Linux CoreOS (RHCOS) image to a particular device, The installer examines the devices in the order it discovers them, and compares the discovered values with the hint values, The installer uses the first discovered device that matches the hint value, The configuration can combine multiple hints, but 3 device must match all hints for the installer to select it. Table 6, Subfietde Subfield iosizestganytes Example usage Description /Astng containing Linux device name Ke /dew/[Link] must match he sctual value act, |Asting containing SCSI bus address like [Link]. The hint must match the sctul vali exact, | sng contining a vendor-specic device identifier The hint canbe a substing of the actual value sting contsining the name ofthe vendo o manufacturer othe deve, The hire can bea sub-sting of te actual value A sving containing the device stil number Thehint must match the actual ‘An ineger representing the minimum sizeof the devicein gigabytes | srng eontining the unique storage identifier The hint mest match he actual value exact |Aseing contsining the unique strageientiir with the vendor extension appended. The hint must match he actal vale exact sting containing the unique vendor storage dente Th hint must nate ‘he actual vate exact | boolean indicating whether the device shouldbe a rotating dk (ru) or not (ase itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 91881015122, 259PM Setting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. role: e address: spni://[Link]:6203 password: redhat noot¥ACaddreas: [Link] devicenane: "/dev/ada" Optional: Setting proxy settings To deploy an OpenShift Container Platform cluster using a proxy, make the following changes to the [Link] file, baseDonain: oy hetperoxy: http: //USERNAME: PASSRORDEProny. example .com: PORT ttpsProxy: etps://USERNAME: PASSHORD¢proxy example. com: PORT noProxy: , <[Link]/CIDR>, The following isan example of noProxy with values. pobrony: -oxanple.c: sy [Link]/24,[Link]/28 wi a proxy enabled, set the appropriate values ofthe proxy inthe corresponding key/value pai. Key considerations += IF the proxy does not have an HTTPS prony, change the value of nepsProxy from netps:// to hetp:// + Ifusing a provisioning network, include itn the noProny setting, otherwise the installer wl fal + Seta ofthe prony settings as environment variables within the provisioner node. For example, HTTP_PROXY,,HTTPS_PROKY, and o_PROXY @ | Benerevsenine wor yeu carmen 2 COR aden back inthe metrany stings. You ms in ech address separately Optional: Deploying with no provisioning network To deploy an Openshift Container Platform cluster without a provisioning network, make the fllowing changes to the install- [Link] fie barenetalt provisioningNetwork: "Disabled" (4) 1 Add the provistoningNetwork configuration setting, if needed, and set it to Disabled The provisioning networks required fr PXE booting fy depay without prvisoning network yourust usta vtualmeda BMC adiessing option suchas retishvirtaniedia or trac-vireasinedia See Redish © rustmedi for HPE LO" inthe BMC ates or HPELO secon of "Reh vital meda fer DeliORAC the BMC aderesing for DeliDRAC” section or adtonal etal itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 200381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. Optional: Deploying with dual-stack networking PNetwork., and To deploy an OpenShift Container Platform cluster with dual-stack networking, edit the machineNetwork, clu servicevletwork configuration settings in the [Link] file, Each setting must have two CIDR er first CIDR entry is the IPv4 setting and the second CIDR entry is the IPv6 setting ies each, Ensure the (1 excetarnet = cide: (1 ox! sdenaté = cide: [Link]/24 hostPrefix: 23 = cide: £002 = #90322/112 The APIVIP IP address and the Ingress VIP address must be of the primary IP address family when using dual-stack @ | rite cure neat des nt sppertcnttck Ps or nh stacking Pe the nny IP address family, However, Red Hat does support dual-stack networking with IPv4 as the primary IP address family, Therefore, the IPv4 entries must go before the IPv6 entries, Optional: Configuring host network interfaces Before installation, you can set the netwarkconfig configuration setting in the [Link] ile to configure host network interfaces using NMState. The most commen use case for this functionality isto specify a static IP address on the barenetal network, but you can also configure other networks such as a storage network. This functionality supports other NMState features such as VLAN, VXLAN, bridges, bonds, routes, MTU, and DNS resolver settings. Prequisites = Configure a PTR DNS record with a valid hostname for each node with a static IP address, ' Install the NMState CLI (nnstate) Procedure = Optional: Consider testing the NMState syntax with nnstatectl ge before including tin the install-confé[Link] ile, because the installer will nt check the NMState YAML syntax. Errorsin the YAML syntax might esuitina ature to apply the network configuration. Adetonaly, maintaining @ _srevaicated vAML syntaxis useful when applying changes using Kubernetes NMState after deployment o when expanding the cluster. * Create an NMState YAML fie itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 211881016/22, 259 PM ' Test the configuration file by running the following command: 1 Use the networkConfig configuration setting by adding the NMState configuration to hosts within the install-config. yan} file itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml = name: (2) type: ethernet spur = sp: (1) enabled: true contig: = (1) config: = deatination: [Link]/0 next-hop-adéress: (1) next-hop-interface: (1) 1 Replace , , , and with appropriate values. 5 nmatatect! go Replace with the configuration file name. ‘Soting up the enviconment or an OperShit installation - Deploying installr-provisioned custrs on bare metal Insaling | Open 221881015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. = nano: openshift-naster-0 role: master addeess: redfishthutp:///redfish/vi/syatene password: = name: (2) type: ethe: ipvt adres: = ip: (2) next-hop-interface: (2) 1 Add the NMState YAML syntax to configure the host interfaces, Replace , , cnext_hop_ip_address> and with ‘appropriate values. Alter deploying the cluster you cannot madty te networkcontig configuration setting of intal2- © [Link] fe to make changes to the host network interface. Use the Kubermetes NMState Operator to make changes to the host network interface after deployment Configuring multiple cluster nodes You can simultaneously configure OpenShift Container Platform cluster nodes with identical settings. Configuring multiple cluster nodes avoids adding redundant information for each node to the install contig. yan. file. This file contains specific parameters to apply an identical configuration to multiple nodes in the cluster. Compute nodes are configured separately from the controller node, However, configurations for both node types use the highlighted parameters in the [Link] file to enable multi-node configuration. Set the networkconfig parameters to 80\0 a5 shown in the following example: itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 231381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. ipvar hep: true enabled: true rode: active-backup port = onp2s0 = enp390 bel notworkConfigs “BOND = name: ostest-master-2 lionel | @__ (1) ootacaddces: rootDevicellints: doviceName: "/dov/sda" hoatMade: UEFISecureBoot (2) Ensure the [Link] setting uses redfish, redfish-virtualmedia, or idrac-virtualnedia as the protocol. See "BMC addressing for HPE iLO" or “BMC addressing for Dell IDRAC" for adcitional details. 2 The bootHode setting is UEFE by default, Change it to UEFZSecureBoot to enable managed Secure Boot See ‘Configuring nodes" inthe Prerequisites” to ensure the nodes can support managed Secure Boot. the nodes © | 600% suopart managed Secure Boo, se “Configuring nodes for Secure Boot manly” in the “Contiguing nodes section. Configuring Secure Bot manual requires Redfh vital med, foes not support Secure Boot with IPMI, because PMI does not provide Secure Boot management e = facilities. itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 240381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. Manifest configuration files Creating the OpenShift Container Platform manifests 1 Create the OpenShift Container Platform manifests. 5 -/opensni ft-baronetal-install ~-dir ~/elustercontige create manifests Info Consuming Install config from target directory ArT alin te pane for iets Taba) byl cPEitg | Mentors Gcteselariel so) eenel zor] Semeceteet el settings Gependancies are dirty and it needs to be regenerated Optional: Configuring NTP for disconnected clusters COpenshift Container Platform installs the ehrony Network Time Protocol (NTP) service on the cluster nodes, ‘Openshift Container Platform nodes must agree on a date and time to run properly, When worker nodes retrieve the date and time from the NTP servers on the control plane nodes, it enables the installation and operation of clusters that are not connected to a routable network and thereby de not have access to a higher stratum NTP server. Procedure 1 Create a Butane config, 99-raster-chrony-conf-overrige. bu including the contents of the [Link] file for the contro! plane nodes. € | see"cieatng machine configs with Butane" for information about Butane Butane config example itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 251381015122, 2.59PM Setting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. variant: opensnite version: 4.11.0 ame: 99-mastor-o [Link]. 40/7: storage: = path: /eto/[Link] ny-conf-overside inline: # Use public seevers from the [Link] project. # Please consider joining the pool ([Link] [Link]/[Link]} # the Machine Config Operator manages this £16 server openshift-maater-0.. sburat (2) vor [Link]-nane>- sburst server openshift-naster-2.. sburst steatumieiont 0 geisctile /vaz/ite/ehvony/aett: rtosyne akestep 19 3 bindondaddzess [Link] keyfile /ete/chrony. keys ccommanakey 1 generatecomnandkey nocltentlog logchange 0.5 logair /vaz/log/ehrony # Configure the control plane nodes to serve as local NIP servers # for all worker nodes, even Lf they are not in ayne with an 4# upstream NTP server. 4 Allow NIP client access from che local network: allow all # Serve tine even if not synchronized to a tine source, oval stratum 3 axphan 1 You must replace with the name of the cluster and replace with the fully qualified domain name 1 Use Butane to generate a Machineconfig object file, 99-raster-chrony-conf-override. yan] , containing the configuration to be delivered to the control plane nodes: § butane [Link] -o 99-naater-chrony-cont-overrie. yam: = Create a Butane config, 99-worker-chrony-conf-overige. bu, including the contents of the chrony-cont file for the worker nodes that references the NTP servers on the control plane nodes, Butane config example itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 260381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. variant: openshite version: 4.11.0 [Link]/roie: worker = path: /ete/[Link] inline: | onain> burst (2) # the Machine contig oF server openshift-naster-0..< seever openshift-naster-1.. sburat ratumioicht 0 tb/eheony/aes makestep 10 3 es til bindondaa: keyfile /ete/ehrony. keys ‘commanakey 1 generatecommandkey logchange 0 logair /var/iog/chrony 1 You must replace with the name of the cluster and replace with the fully qualfied domain name. 1 Use Butane to generate a MachineConfig object file, 99-warker=[Link] , containing the configuration to be delivered to the worker nodes: § butane [Link] 0 99-orker-chrony-cont-override. yam Optional: Configuring network components to run on the control plane You can configure networking components to un exclusively on the control plane nodes. By defaut, OpenShift Container Platform allows any node in the machine canfig pool to host the ingressvzP vitual|P address, However, some environments deploy worker nodes n separate subnets rom the contol plane nodes. When deploying remote workers in separate subnets, you must place the AngressvIP virtual P address exclusively withthe control plane nodes. itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 271381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. i Sores T Lp Procedure * Change to the directory storing the [Link] file: 4 ed ~/olusteroontiss 1 Switch to the manifests subdirectory: * Create a fle named cluster-network-avoid-workers-99-config. yam 4 touch clusternetwork-avosd-workers-99-contig. yan 1 Open the [Link]. file in an editor and enter a custom resource (CR) that describes ‘the Operator configuration: apiversion: [Link]=.i0/vi kind: Machinecontis labels: [Link]/zoie: worke spec: ignition storage prtees = path: /ete/kubernetes/manif s/[Link] source: datat, ‘This manifest places the ingressVIP virtual IP address on the control plane nodes. Additionally, this manifest deploys the following processes on the control plane nodes only 1 openshift-ingress-operator keepalives ' Save the cluster-network-avold-workers-88-config. yam) file itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 200381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. = Create a manifests/[Link] fie: apiversion: operator [Link]/¥i Kind: IngzessController netasata namespace: openshift~ineress-operator spec osleselector: node~[Link]/master: " ' Consider backing up the nanifests directory. The installer deletes the manifests/ directory when creating the cluster. config.ym1 manifest to make the control plane nodes schedulable by setting the 1 Modify the cluster-scheduler- astersSchedulable field to true , Control plane nodes are not schedulable by default, For example: 1 -seheduler-02-conf $ sed -4 “sinastersSchedulable: false;nastersSchedulable: true;g” clusterconfigs/manifests/clust @ conta plane nodes are not schedulable ater completing ths procedure, deploying te ster wi al Optional: Deploying routers on worker nodes During installation, the installer deploys router pods on worker nodes. By default, the installer installs two router pods. If deployed cluster requires addtional routers to handle external traffic loads destined fr services within the OpenShift Container Platform Cluster, you can create a yaml file to set an appropriate number of router replicas, Deploying a cluster with only one worker node snot supported. While modifying the router replicas wil adéress @ issues withthe degraea state when depioyig wth one worker the cise loss high avaabity forthe ingress API hich is not suitable for production environments. forouters 2st she instal depos wo outers the castes has no worker nodes, the stalls deploys th (on the control plane nodes by default Procedure = Create a [Link] fie: apiversion: operator [Link]/vl kind: IngreesControl ler namespace: openchift-ingress-operator apee: replicas! endpelntPablishingst: type: sostNatwork nodesellector: natenlabels: [Link]/worker: ** Replace with an appropriate value. If working with ust one worker node, set replicas: 1s: irwerking with more than 3 worker nodes, you can ictease replicas: fom the default value 2 a8, appropriate, itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 200381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. 1 Save and copy the [Link] file to the clusterconfigs/openshift directory $ op ~/roster-replic: ‘yom clusterconfigs/openshift/99_router-[Link] Optional: Configuring the BIOS ‘The following procedure configures the BIOS during the installation process Procedure = Create the manifests 1 Modify the Baretetaliiost resource file corresponding to the node § vim clustercontigs/ope: 4.f¢/99_openshift-cluster-api_hosts-*-yaml 1 Add the BIOS configuration to the spec section of the BareMetalHost resource: simsitanco gorse adingBnabled: true eeiovinabled: true @ | att spore tiree 8105 configurations On servers wih BMC te me ae supported. Cer ypes of servers are currently aot supported = Create the cluster. Additional resources * Bare metal configuration Optional: Configuring the RAID ‘The following procedure configures a redundant array of independent disks (RAID) during the installation process + Onlynodes with baseboard management controller (BMC) type nse are supported. Other types of nodes are e currently not supported. + Ifyou want to configure a hardware RAID forthe node, make sure the node has RAID controler. Procedure * Create the manifests 1 Modify the Saretetaliiost resource corresponding to the node: § vim clustercontigs/openshi f¢/99_openshifc~cluster-aps_hosts-*.yami e pe irae do not support software RAID, the following RAID configuration uses hardware RAID as an example. * Ifyou added a specific RAID configuration to the spec section, this causes the node to delete the original RAID configuration in the preparing phase and perform a specified configuration on the RAID. For example: itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 301381015122, 259PM Setting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. spec hagdwarenazavelumes: = ever: "0" (a) nunberofPhysicalDisks: 1 gotational: true sizeoibibyter: 0 1 evel isa required field, and the others are optional fields. * If you added an empty RAID configuration to the spec section, the empty configuration causes the node to delete the original RAID configuration during the preparing phase, but does not perform a new configuration. For example: apee: hardwaresaibvels * Ifyou donot adda raid fieldin the spec section, the original RAID configuration is not deleted, and no new uration will be performed, 1 Create the cluster, Additional resources = Bate metal configuration Creating a disconnected registry Insome cases, you might want to install an OpenShift Container Platform cluster using a local copy of the installation registry. This could be for enhancing network efficiency because the clust nodes ate on a network that does not have access tothe internet Alocal, or mirrored, copy of the registry requires the following + Acertficate for the registry node, This can bea self-signed certificate = Avweb server that a container on a system will serve. = An updated pull secret that contains the certificate and local repository information. @ _ “isha tsconnectedregtiy on aregsty noe aptonsl you need to create a decometed egy ona registry node, you must complete al of the following sub-sections, Prerequisites f you have already prepared a mirror registry for Mirroring images for a disconnected installation, you can skip directly to Modify the install-config yam file to use the disconnected registry. Preparing the registry node to host the mirrored registry The following steps must be completed prior to hosting a mirored registry on bare metal Procedure = Open the firewall port on the registry node: sudo firewsll-ond —add-por: 000/tcp Aabyirt permanent $ sudo tirewall-cna .dd-port=5000/¢: je-public~-permanent reload itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 311381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. * Install the required packages for the registry node: $ sudo yan -y install python3 podman httpd netpd-t: is 3a 1 Create the directory structure where the repository information will be hel 4 soto mkair =p /opt, egistry/ (auth, certs,daca) Mirroring the OpenShift Container Platform image repository for a disconnected registry Complete the following steps to mirror the OpenShift Container Platform image repository fora disconnected regis Prerequisites * Your mirror host has access to the internet. + You configured a mirror registry to use in your restricted network and can access the certificate and credentials that you configured 1 You downloaded the pull secret from the Red Hat OnenShift Cluster Manager and modified it to include authentication to your mirror repository, Procedure 1 Review the OnenShift Container Platform downloads page to determine the version of OpenShift Container Platform that you ‘want to install and determine the corresponding tag on the Repository Tags page. ' Set the required environment variables: = Export the release version: 5 Oc? _RELEASE-crelease_vereso For , specify the tag that corresponds to the version of OpenShift Container Platform to install, such as 4.5.4 = Export the local registry name and host port Local, RES: ST8¥=":" For , specify the registry domain name for your mirror repository, and for , specify the port that it serves content on. ' Export the focal repository name: 1 REFOSITORY-'' For , specify the name of the repository to create in your regist y, Such as eca4/openshirts 1 Export the name of the repository to mirror: openshist-release-dev! Fora production release, you must specify openshift-release-dev "= Export the path to your registry pull secret: § LOCAL SECRET ssoN-'! For specify the absolute path to and file name of the pull secret for your mirror registry that you ated = Export the release miror: itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 321881015122, 2.59PM Setting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. 5 RELEASE_NAND- locpetelease” For aproduction release, you must specify ocp-release = Export the type of architecture for your server, such as x86_68 § ARCHITECTURE“cserver_aronitecture> + Export the path to the directory to host the mirrored images: 5 REMOVABLE MEDIA pam patn> (ay 1 Specify the full path including the initial forward slash (/) character. '= Mirror the version images to the mirror registry: + If your mirror hast does nat have internet access, take the following actions: * Connect the removable media to 3 system that is connected to the internet. 1 Review the images and configuration manifests to mirror: $90 adn reieane mirror -a ${LOCAI_SECRET_JS08} \ ~feom=quay. 10/3 {2RODUCT_8#P0)/$ {RELEASS_NAMS) :$(OCP_RELEASE)~5 (ARCHITECTURE) \ ~to~$ {LOCAL REGISTRY) /$ {LOCAL REPOSITORY} \ ~to-rezease-inage=3 {LOCAL REGISTRY) /${LOCAL # ‘SPOSITORY) :${OCP_RBLEASE)~5 (ARCHITECTURE) ~ ' Record the entire imagecontentSources section from the output of the previous command, The information about your mirrors is unique to your mirrored repository, and you must add the inageContentsources section to the [Link] file during installation. 1 Mireor the images to a directory on the removable media: § 0c atin release mirror ~a ${LOCAL SECRET_JsOW) quay. 10/8 PRODUC?_S#P0}/3 {RELEASE NAME) :$/0CP_ABL2s ovdir-$ (REMOVABLE MEDIA PATH} /nirror J=$ (ARCHITECTURE) '= Take the media to the restricted network environment and upload the images to the local container registry. $ oc image mirror >a 3{LOCAL_S8CRET_JSON) —-from-dir=$ (REMOVABLE MEDIA PATH) /mirror "tile://opensnits/release:${0CP RELEASE) +" §{LOCAL AEGISTRY}/$(LOCAL REEOSITORY} (1) 1 For REMOVABLE_MEDTA_PATH., you must use the same path that you specified when you mirrored the images. 1 Ifthe local container registry is connected to the mirror host, take the following actions: * Directly push the release images to the local registry by using folloning command: $ oc adin release mirror ~a ${LOCAL SECREY_JSON) \ ~froemquay. 10/3 {PRODUCT REPO} /§{RELEASE_NAt LOCKL_REGISTRY} /$|LOCAL_ REPOSITORY) ~-to-ralease-‘nage~${LOCAL, REGISTRY} /$ {LOCAL $(0CP_RELEASE} {ARCHITECTURE} \ -OSTTORY} :§(OCE_RELEASE}~$ (ARCHITECTURE) This command pulls the release information as a digest, and its output includes the imageContentSources data that you require when you install your caster. ' Record the entire imagecontentSources section from the output of the previous command, The information about your mirrors is unique to your mirrored repository, and you must add the inageContentsources section to the [Link] file during installation. @_Tilase name gets patches to Quayle dusing he miroing proses, ane he padman ages wi ‘show Quayio in the registry on the bootstrap virtual machine, itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 331381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. ' To create the installation program that is based on the content that you mirrored, extract it and pin it to the release: * IF your mitror host does net have internet access, run the following command: 3 ec adn release extract -a ${LOCAL # "$|uocaL_ REGISTRY) /$ LOCAL, REPOSITORY parenetal-inatall s onnand-openght $(0GP_RELEASE)" *= Ifthe local container registry is connected to the mirror host, run the following command: 3 oc adn release extract -a S(LOCAL SECRET JSON) re smnand-opensh: £:-barenetal-inetall "AL, REGISTRY} /${LOCAL, REPOSITORY} :$(OCP_RELEASE}-~$(ARCHITECTURE}” To ensure that you use the correct images for the version of OpenShift Container Platform that you selected, you must extract the installation program from the mirrored content. @_ Yours perfor this step ona machine wih an active intemet connection, Ifyou are in a disconnected environment, use the --image flag as part of must-gather and point to the payload image + For clusters using installer provisioned infrastucture, rn the following command Modify the install-configyam! file to use the disconnected registry (On the provisioner node, the [Link] file should use the newly created pull-secret from the [Link] file. The [Link] file must also contain the disconnected registry node's certificate and registry information. Procedure 1 Add the disconnected registry node's certificate to the install-config. yan! fie § echo “additionalteustRundle: |" >> inetall-contig. yam. ‘The certificate should follow the “additional Trustsundie: |" line and be properly indented, usually by two spaces. § sede '2/*/ /* fopt/zegistry/certs/[Link] >> [Link] ' Add the mirror information forthe registry to the [Link] ile: § echo "inageContentsourees:” >> inatali-config. yam $ echo "= mirrors: >> [Link] $ echo " ~ [Link]/ocp4/openahitt4* >> [Link] Replace [Link] with the registry’s fully qualified domain name. 4S echo " source: quay. to/openshi fe-release-dev/oep-reiease” >> [Link] 4} echo" mizmorsi" >> install-config. yan $ echo " ~ registry [Link]/acp4/apenshitt4* >> [Link]) Replace [Link] with the registry’s fully qualified domain name, $ echo " source: quay.1o/opanshift-release-dev/oop-vé.d-art-dev" >> inatall-config. yam) itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 341381015122, 259PM Setting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. Validation checklist for installation = Copenshitt Container Platform installer has been retrieved, = GOpenshift Container Platform installer has been extracted. = CiRequited parameters for the install -confé[Link] have been configured. = Q The hosts parameter for the [Link]. has been configured. = O The be parameter for the install-coné[Link] has bee figure. * CConventions forthe values configured in the te adress field have been applied = created the OpenShitt Container Platform manifest + Optional) Deployed routers on worker nodes. + Optional) Created a disconnected resistry = Q (Optional Validate disconnected registry settings ifn use. Deploying the cluster via the OpenShift Container Platform installer Run the OpenShift Container Platform instal: § -/openshi f.-barenetal-inavall ~-dir ~/elusterconfige ~-log-level debug create cluster Following the installation During the deployment process, you can check the installations overall status by issuing the tai command to the lopenshift_install 1og log fle in the install directory folder: § tall -£ /path/to/inetati-dir/-openshift_inatall.leg Verifying static IP address configuration I the DHCP reservation for a cluster node specifies an infinite lease, after the installer successfully provisions the node, the dispatcher script checks the node's network configuration. Ifthe script determines that the network configuration contains an infinite DHCP lease, it creates a new connection using the IP address of the DHCP lease as a static IP address, Te eReeher sent miantrn on secessflyprovsloned noses white provisioning of other nodesin he lusteris ongoing, Verify the network configuration is working properly. Procedure 1 Check the network interface configuration on the node, ‘= Turn off the DHCP server and reboot the OpenShift Container Platform node and ensure that the network configuration works Proper. Preparing to reinstall a cluster on bare metal Before you reinstall a cluster on bare metal, you must perform cleanup operations Procedure 1 Remove of reformat the disks fo environment, you must add any disks you removed. bootstrap, control plane node, and worker nodes. If you are working in a hypervisor itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 351381015122, 2.59PM —_Seting up the environment fr an OpenShit instalation - Deploying installer provisioned clusters on bare metal | nsaling | Open. * Delete the artifacts that the previous installation generated: oa} fbin/em “2 avth/ [Link] [Link] [Link] [Link] \ json openshift_install.log .openshift_tnsta = Generate new manifests and Ignition config files. See "Creating the Kubernetes manifest and Ignition config files" for more information. '= Upload the new bootstrap, contro plane, and compute node Ignition contig files that the installation program created to your HTTP server. This will overwrite the previous Ignition fies Additional resources Shift Container Platform Creating the Kubernetes manifest and Ignition co ade channels and releases files = OpenShift Container Platform u itpssidocs. [Link] platform. nstalingiinstaling_bare_metal_ipipt-nstall-instalaton workflow Niml 36138