|
| 1 | +# Cluster Customization |
| 2 | + |
| 3 | +The OpenShift Installer allows for several different levels of customization. It is important to understand how and why each of these levels is exposed and the ramifications of making changes at each of these levels. This guide will attempt to walk through each of them and provide examples for why an administrator may want to make customizations. |
| 4 | + |
| 5 | +Cluster customization can be broken into four major levels: OpenShift, Kubernetes, Platform, and OS. These four levels are rough abstraction layers (OpenShift being the highest layer and OS being the lowest) and fall into either the validated or unvalidated buckets. The levels within the validated bucket (OpenShift and Platform) encompass customization that is safe to perform - installation and automatic updates will succeed regardless of the changes made (to a reasonable degree). The levels within the unvalidated bucket (Kubernetes and OS) encompass customization that is not necessarily safe - after introducing changes, installation and automatic updates may not succeed. |
| 6 | + |
| 7 | +## OpenShift Customization |
| 8 | + |
| 9 | +The most simple customization is exposed by the installer as an interactive series of prompts. These prompts are required and represent a high-level of customization. They are needed in order to get a running OpenShift cluster, but they aren't enough to get anything other than a vanilla deployment out of the box. Further customization is possible once the cluster has been provisioned, but isn't covered in this document as it is a "Day 2" operation. |
| 10 | + |
| 11 | +## Platform Customization |
| 12 | + |
| 13 | +While the default cluster size may be sufficient for some, many will need to make alterations. This can include increasing the number of machines in the control plane, changing the type of the virtual machines that will be used (e.g. AWS instances), or adjusting the CIDR range used for the Kubernetes service network. This level of customization is exposed via the installer's `install-config.yaml`. The install-config can be accessed by running `openshift-install create install-config`. This file can then be modified as needed before running a later target. |
| 14 | + |
| 15 | +The `install-config.yaml` generated by the installer will not have all of the available fields populated, so they will need to be manually added if they are needed. The full list of available fields can be found in the [Go Docs][godocs]. Documentation for each of the supported platforms can be found in their platform-specific section: |
| 16 | + |
| 17 | +- [AWS][aws-customization] |
| 18 | + |
| 19 | +[aws-customization]: aws/customization.md |
| 20 | +[godocs]: https://godoc.org/github.com/openshift/installer/pkg/types#InstallConfig |
| 21 | + |
| 22 | +## Kubernetes Customization (unvalidated) |
| 23 | + |
| 24 | +In addition to customizing OpenShift and aspects of the underlying platform, the installer allows arbitrary modification to the Kubernetes objects that are injected into the cluster. Note that there is currently no validation on the modifications that are made, so it is possible that the changes will result in a non-functioning cluster. The Kubernetes manifests can be viewed and modified using the `manifests` and `manifest-templates` targets. |
| 25 | + |
| 26 | +The `manifests` target will render the manifest templates and output the result into the asset directory. Perhaps the most common use for this target is to include additional manifests in the initial installation. These manifests could be added after the installation as a "Day 2" operation, but there may be cases where they are necessary beforehand. |
| 27 | + |
| 28 | +The `manifest-templates` target will output the unrendered manifest templates into the asset directory. This allows modification to the templates before they have been rendered, which may be useful to users who wish to reuse the templates between cluster deployments. |
| 29 | + |
| 30 | +## OS Customization (unvalidated) |
| 31 | + |
| 32 | +In rare circumstances, certain modifications to the bootstrap and other machines may be necessary. The installer provides the "ignition-configs" target, which allows arbitrary modification to the [Ignition Configs][ignition] used to boot these machines. Note that there is currently no validation on the modifications that are made, so it is possible that the changes will result in a non-functioning cluster. |
| 33 | + |
| 34 | +An example `worker.ign` is shown below. It has been modified to increase the HTTP timeouts used when fetching the generated worker config from the cluster. This isn't likely to be useful, but it does demonstrate what is possible. |
| 35 | + |
| 36 | +```json ignition |
| 37 | +{ |
| 38 | + "ignition": { |
| 39 | + "version": "2.2.0", |
| 40 | + "config": { |
| 41 | + "append": [{ |
| 42 | + "source": "https://test-cluster-api.example.com:49500/config/worker" |
| 43 | + }] |
| 44 | + }, |
| 45 | + "security": { |
| 46 | + "tls": { |
| 47 | + "certificateAuthorities": [{ |
| 48 | + "source": "data:text/plain;charset=utf-8;base64,LS0tLS1CRU..." |
| 49 | + }] |
| 50 | + } |
| 51 | + }, |
| 52 | + "timeouts": { |
| 53 | + "httpResponseHeaders": 120 |
| 54 | + } |
| 55 | + }, |
| 56 | + "passwd": { |
| 57 | + "users": [{ |
| 58 | + "name": "core", |
| 59 | + "sshAuthorizedKeys": [ |
| 60 | + "ssh-ed25519 AAAA..." |
| 61 | + ] |
| 62 | + }] |
| 63 | + } |
| 64 | +} |
| 65 | +``` |
| 66 | + |
| 67 | +[ignition]: https://coreos.com/ignition/docs/latest/ |
0 commit comments