OpenShift Checklist
Cluster purpose
- Performance (CPU/Memory)
- Storage affinity
- Security
- Developer point of view
Time Plan
Server
- What kind of setup? (VMs, Hardware, VMware Provider)
- Minimum:
- 1x Bastion (Linux)
- 1x Bootstrap (CoreOS)
- 3x Control Plane (CoreOS)
- 2x Worker (CoreOS) - Hardware
- (2x Infra (CoreOS)) - Hardware/VM
- Depending on use case (e.g. isolation of the network router)
- Already known:
- 3x Control Plane (HW)
- 2x Worker (HW)
- IP addresses for servers
- Hostnames for servers
- Client to connect to the bastion system
- VPN access
- DNS Records
- For the hardware:
- Access to iLO
Loadbalancer
- 2x virtual servers on a load balancer
- 1x API Loadbalancer
- Port 6443 and 22623 (and 443)
- 1x Application Ingress Loadbalancer
- Port 443 (and 80)
- Wildcard DNS + DNS A Records/CNAME Records + PTR Records
- Wildcard certificate with CNAME for API
Firewall
- From Server to Server
- From Bastion to Servers
- From Server to Loadbalancer
- From Loadbalancer to Server
- From Client/Testsetups to Loadbalancer
- From Client to Bastion
Surrounding systems
- DHCP
- DNS
- TFTP / PXEBoot Server (WebServer)
- NTP
Further Topics
- Online/Offline Installation?
- Installation VM with Internet Access -> Disconnected installation
- mirror on installation node
- Cluster nodes without internet access
- If disconnected:
- Proxy access to Container Registry (Red Hat)
- Red Hat Login
- To download the installer
- To get the pull secret from Red Hat for registry access
- To access license information from Red Hat
- SSH private key
- Storage (Attach external systems, local storage, without persistence)
- Further enabled and configured features (Monitoring, OAuth/LDAP, existing Registries) Time/Scope!!
- Access to Container Images from a registry
Bare VMs for configuration.
TODO
- Networks
- VMs
- DNS Records