
Configure OCP with letsencrypt certs

Create wildcard entries in DNS: *.cluster.domain.com

Get acme.sh:

    git clone https://github.com/acmesh-official/acme.sh.git
    cd acme.sh

Get a token from Cloudflare: in the Cloudflare dashboard, note the CF_Zone_ID and CF_Account_ID and create a CF_Token with the Edit Zone permission, scoped to that one zone (the DNS-01 challenge only needs to write _acme-challenge TXT records). Edit dnsapi/dns_cf.sh with these values; dns_cf.sh also reads CF_Token, CF_Account_ID and CF_Zone_ID from the environment, which keeps the token out of the checked-out repository.

Create certificates:

    export OCP_API_DOMAIN=$(oc whoami --show-server | cut -f 2 -d ':' | cut -f 3 -d '/' | sed 's/-api././')
    export OCP_WILDCARD_DOMAIN=$(oc get ingresscontroller default -n openshift-ingress-operator -o jsonpath='{.status.domain}')
    export CERTDIR=$HOME/openshift_certificates
    mkdir -p ${CERTDIR}
    ~/acme.sh/acme.sh --register-account -m your_email_address@example.
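A DNS wildcard record such as *.cluster.domain.com matches names several labels deep, but a TLS wildcard SAN matches exactly one label, so a certificate for *.cluster.domain.com covers api.cluster.domain.com yet none of the routes under the ingress domain. The check below, an added example that is not part of the page's procedure, verifies that a certificate's SAN list covers the API endpoint and the ingress wildcard before the certificate is installed. The hostnames and SAN lists are constructed; substitute the values of OCP_API_DOMAIN and OCP_WILDCARD_DOMAIN from the steps above.

```python
"""Added example, not part of the page's procedure: check that a certificate's
Subject Alternative Names cover everything an OpenShift cluster serves before
installing it as the API server or default ingress certificate.

Hostnames below are constructed; substitute the values of OCP_API_DOMAIN and
OCP_WILDCARD_DOMAIN from the steps above."""
from __future__ import annotations


def san_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match. A leading '*' stands for exactly one DNS label and is
    only honoured in the left-most position; comparison is case-insensitive.
    Unlike a DNS wildcard record, '*.cluster.example.com' does NOT match
    'console.apps.cluster.example.com'."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def uncovered(sans: list[str], required: list[str]) -> list[str]:
    """Return the required names that no SAN covers. A required wildcard such as
    '*.apps.cluster.example.com' is only satisfied by an identical wildcard SAN,
    because clients will present arbitrary route hostnames under it."""
    missing = []
    for name in required:
        if name.startswith("*."):
            covered = any(s.lower().rstrip(".") == name.lower().rstrip(".") for s in sans)
        else:
            covered = any(san_matches(s, name) for s in sans)
        if not covered:
            missing.append(name)
    return missing


def required_names(api_domain: str, apps_domain: str) -> list[str]:
    """The two names the procedure above issues certificates for: the API
    endpoint and a wildcard over the ingress controller's domain."""
    return [api_domain, f"*.{apps_domain}"]


# Constructed values standing in for OCP_API_DOMAIN and OCP_WILDCARD_DOMAIN.
API_DOMAIN = "api.cluster.example.com"
APPS_DOMAIN = "apps.cluster.example.com"

# Constructed SAN lists from two hypothetical certificates.
GOOD_SANS = ["api.cluster.example.com", "*.apps.cluster.example.com"]
TOO_SHALLOW_SANS = ["*.cluster.example.com"]   # one label short of the routes

if __name__ == "__main__":
    need = required_names(API_DOMAIN, APPS_DOMAIN)
    print("good cert missing:", uncovered(GOOD_SANS, need))
    print("shallow cert missing:", uncovered(TOO_SHALLOW_SANS, need))
```

Run it against the SAN list printed by `openssl x509 -noout -ext subjectAltName -in <cert>` for the certificate acme.sh produced; an empty list for both required names means the API and ingress certificates can be installed without clients hitting hostname-mismatch errors.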

OCP etcd metrics

Recommended etcd practices: https://docs.openshift.com/container-platform/4.12/scalability_and_performance/recommended-host-practices.html#recommended-etcd-practices_recommended-host-practices

The 99th percentile of the peer round trip time, histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket[2m])), reports how long etcd takes to finish replicating client requests between the members. Ensure that it stays below 50 ms.

Metrics to monitor: https://access.redhat.com/articles/6967785#metrics

Monitor leadership changes: these are expected during installation or upgrade and during day 1/day 2 operations (for example when the Machine Config Daemon reboots control-plane nodes), but they should not happen during normal operation. The etcdHighNumberOfLeaderChanges alert identifies that situation.
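The query above is easier to reason about once it is unpacked: rate() turns the cumulative bucket counters into per-second increases over the 2 m window, and histogram_quantile() finds the bucket holding the 99th-percentile rank and interpolates linearly inside it. The following added example (not from the page or from Red Hat) evaluates that expression by hand over constructed bucket counters so that the 50 ms threshold can be tested offline. Bucket boundaries, counter values and the 2 m window are all constructed; check the real "le" labels on your cluster before relying on the boundaries.

```python
"""Added example, not from the page: evaluate
histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket[2m]))
by hand, so the 50 ms threshold can be tested against scraped bucket counters
without a live Prometheus.

All counter values below are constructed; the bucket boundaries are chosen to
resemble etcd's exponential RTT buckets and should be checked against your cluster."""
from __future__ import annotations

import math

WINDOW_S = 120.0                                         # the [2m] range selector
THRESHOLD_S = 0.050                                      # guidance above: stay under 50 ms
LE = [0.0001 * 2 ** i for i in range(16)] + [math.inf]   # "le" labels, in seconds


def cumulative(increments: list[float]) -> list[float]:
    """Turn per-bucket observation counts into the cumulative form Prometheus exposes."""
    out, running = [], 0.0
    for n in increments:
        running += n
        out.append(running)
    return out


def rate(t0: list[float], t1: list[float], window_s: float) -> list[float]:
    """Per-second increase of each cumulative bucket counter between two scrapes.
    A counter that went backwards (member restart) is treated as a reset, as rate() does."""
    return [((b - a) if b >= a else b) / window_s for a, b in zip(t0, t1)]


def histogram_quantile(q: float, le: list[float], cum: list[float]) -> float:
    """Prometheus' bucketQuantile: locate the bucket containing rank q*N and
    interpolate linearly inside it. Buckets must end with +Inf."""
    if not 0.0 <= q <= 1.0 or len(le) != len(cum) or le[-1] != math.inf:
        raise ValueError("need 0<=q<=1 and aligned buckets ending in +Inf")
    total = cum[-1]
    if total == 0:
        return math.nan                                  # no observations in the window
    rank = q * total
    b = next(i for i, c in enumerate(cum) if c >= rank)
    if b == len(le) - 1:                                 # rank falls in the +Inf bucket
        return le[-2]
    if b == 0 and le[0] <= 0:
        return le[0]
    start = le[b - 1] if b > 0 else 0.0
    below = cum[b - 1] if b > 0 else 0.0
    if cum[b] == below:                                  # only reachable for q == 0
        return start
    return start + (le[b] - start) * ((rank - below) / (cum[b] - below))


def scrape_pair(increments: list[float], base: float = 50_000.0) -> tuple[list[float], list[float]]:
    """Two constructed scrapes WINDOW_S apart: t1 - t0 equals the cumulative increments."""
    t0 = [base + i for i in range(len(increments))]
    t1 = [a + c for a, c in zip(t0, cumulative(increments))]
    return t0, t1


def peer_rtt_p99(increments: list[float]) -> float:
    """The page's query, evaluated for one member's constructed bucket increments."""
    t0, t1 = scrape_pair(increments)
    return histogram_quantile(0.99, LE, rate(t0, t1, WINDOW_S))


def peer_rtt_ok(increments: list[float], threshold_s: float = THRESHOLD_S) -> bool:
    """True when the p99 peer RTT is known and under the threshold."""
    p99 = peer_rtt_p99(increments)
    return not math.isnan(p99) and p99 < threshold_s


# Constructed: observations per bucket over one 2m window for two members.
HEALTHY = [0, 0, 0, 100, 400, 400, 90, 10] + [0] * 9                     # all under 12.8 ms
DEGRADED = [0, 0, 0, 100, 400, 300, 100, 50, 20, 15, 10, 5] + [0] * 5    # tail past 50 ms

if __name__ == "__main__":
    for name, incr in (("healthy", HEALTHY), ("degraded", DEGRADED)):
        print(f"{name}: p99 = {peer_rtt_p99(incr) * 1000:.1f} ms, ok = {peer_rtt_ok(incr)}")
```

Two properties of the real query fall out of this: the result is always a value on or between two bucket boundaries, so a p99 of "51 ms" on a dashboard may be an interpolation between the 25.6 ms and 51.2 ms buckets rather than a measured latency, and a member with no observations in the window yields NaN, which an alert must treat as "unknown" rather than "healthy".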

Installer-provisioned installation

IPI

Get the openshift-install binary, the openshift cli and your pull secret from https://console.redhat.com/openshift

Create install-config.yaml:

    openshift-install create install-config --dir ./cluster

Here is a sample install-config.yaml for vSphere IPI:

    additionalTrustBundlePolicy: Proxyonly
    apiVersion: v1
    baseDomain: example.com
    compute:
    - architecture: amd64
      hyperthreading: Enabled
      name: worker
      platform: {}
      replicas: 3
    controlPlane:
      architecture: amd64
      hyperthreading: Enabled
      name: master
      platform: {}
      replicas: 3
    metadata:
      creationTimestamp: null
      name: mmayeras
    networking:
      clusterNetwork:
      - cidr: 10.128.0.0/14
        hostPrefix: 23
      machineNetwork:
      - cidr: 10.
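The networking block is where an install-config.yaml most often goes wrong, and the mistakes only surface once bootstrap fails: a machineNetwork that overlaps the clusterNetwork or serviceNetwork, or a hostPrefix that cannot carve enough per-node subnets out of the clusterNetwork. The following added example (not from the page or from the installer) runs those checks offline on a dict mirroring the sample above. The machineNetwork and serviceNetwork values are assumptions, since the page's sample is cut off before them; the control-plane and compute replica counts are the page's.

```python
"""Added example, not from the page: offline sanity checks on the networking
block of an install-config.yaml before running `openshift-install create cluster`.

SAMPLE_CONFIG mirrors the page's sample; machineNetwork and serviceNetwork are
assumed values, since the page's excerpt is cut off there."""
from __future__ import annotations

import ipaddress

SAMPLE_CONFIG = {
    "controlPlane": {"name": "master", "replicas": 3},
    "compute": [{"name": "worker", "replicas": 3}],
    "networking": {
        "clusterNetwork": [{"cidr": "10.128.0.0/14", "hostPrefix": 23}],
        "machineNetwork": [{"cidr": "10.0.0.0/16"}],   # assumed: the vSphere node VLAN
        "serviceNetwork": ["172.30.0.0/16"],           # assumed: OpenShift's default
    },
}


def node_count(cfg: dict) -> int:
    """Total machines the installer will create (control plane plus every compute pool)."""
    return cfg["controlPlane"]["replicas"] + sum(p["replicas"] for p in cfg.get("compute", []))


def pods_per_node(host_prefix: int) -> int:
    """Addresses in one node's pod subnet minus network and broadcast; the CNI
    reserves a few more for its gateway and management ports."""
    return 2 ** (32 - host_prefix) - 2


def check_networking(cfg: dict) -> list[str]:
    """Return human-readable problems; an empty list means the block is consistent."""
    problems: list[str] = []
    net = cfg["networking"]
    cluster = [(ipaddress.ip_network(c["cidr"]), c["hostPrefix"]) for c in net["clusterNetwork"]]
    machine = [ipaddress.ip_network(m["cidr"]) for m in net.get("machineNetwork", [])]
    service = [ipaddress.ip_network(s) for s in net.get("serviceNetwork", [])]

    # 1. Pod, service and machine address spaces must be disjoint: traffic between
    #    them is routed by destination prefix, so an overlap misroutes packets.
    labelled = ([("clusterNetwork", n) for n, _ in cluster]
                + [("machineNetwork", n) for n in machine]
                + [("serviceNetwork", n) for n in service])
    for i, (la, a) in enumerate(labelled):
        for lb, b in labelled[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{la} {a} overlaps {lb} {b}")

    # 2. hostPrefix carves each clusterNetwork into one subnet per node, so the
    #    number of subnets must cover the replica count, and hostPrefix must lie
    #    between the CIDR's own prefix length and the address width.
    capacity = 0
    for n, hp in cluster:
        if not n.prefixlen <= hp <= n.max_prefixlen:
            problems.append(f"hostPrefix {hp} is not between /{n.prefixlen} and /{n.max_prefixlen} for {n}")
            continue
        capacity += 2 ** (hp - n.prefixlen)
    nodes = node_count(cfg)
    if capacity < nodes:
        problems.append(f"clusterNetwork provides {capacity} node subnet(s) but {nodes} replicas are requested")
    return problems


if __name__ == "__main__":
    print(check_networking(SAMPLE_CONFIG) or "networking block looks consistent")
    print("pods per node at hostPrefix 23:", pods_per_node(23))
```

With the sample's 10.128.0.0/14 and hostPrefix 23 the cluster network holds 512 node subnets of 510 usable pod addresses each, far above the six replicas requested; the check earns its keep when someone later shrinks the clusterNetwork or reuses a corporate 10.128.0.0/16 range for the machine network.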

User-provisioned installation

UPI PXE Config

kernel.org publishes a detached PGP signature (syslinux-6.03.tar.sign, made over the uncompressed tarball) next to the archive; verify it before unpacking, since these files become the boot loader served to every node. The background image comes from a third-party GitHub repository and is cosmetic only.

    dnf install -y tftp-server syslinux-tftpboot httpd haproxy
    mkdir -p /var/lib/tftpboot/bios /var/lib/tftpboot/efi64   # the copies below target these trees
    wget https://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.gz
    wget https://raw.githubusercontent.com/leoaaraujo/openshift_pxe_boot_menu/main/files/bg-ocp.png -O /var/lib/tftpboot/bios/bg-ocp.png
    tar xf syslinux-6.03.tar.gz
    cp syslinux-6.03/bios/core/pxelinux.0 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/elflink/ldlinux/ldlinux.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/lib/libcom32.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/libutil/libutil.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/memdisk/memdisk /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/modules/poweroff.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/modules/pxechn.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/modules/reboot.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/bios/com32/menu/vesamenu.c32 /var/lib/tftpboot/bios/
    cp syslinux-6.03/efi64/efi/syslinux.efi /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/elflink/ldlinux/ldlinux.e64 /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/lib/libcom32.c32 /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/libutil/libutil.c32 /var/lib/tftpboot/efi64/
    cp syslinux-6.03/bios/memdisk/memdisk /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/modules/poweroff.c32 /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/modules/pxechn.c32 /var/lib/tftpboot/efi64/
    cp syslinux-6.03/efi64/com32/modules/reboot.c32 /var/lib/tftpboot/efi64/
    cp syslinux-6.