From 39a4708fb0be3ebded65bdf983737d106e11ee2c Mon Sep 17 00:00:00 2001 From: Cavalle Date: Wed, 25 Mar 2026 11:54:03 +0100 Subject: [PATCH] TELCODOCS-2249-RDSHubUpdate: Telco Hub RDS update for 420 --- modules/telco-hub-acm-observability.adoc | 9 ++-- modules/telco-hub-assisted-service.adoc | 9 ++-- ...o-hub-crs-advanced-cluster-management.adoc | 17 ++++--- modules/telco-hub-crs-container-registry.adoc | 1 - modules/telco-hub-crs-gitops-ztp.adoc | 13 +++-- modules/telco-hub-crs-image-mirroring.adoc | 4 +- modules/telco-hub-crs-installation.adoc | 4 +- modules/telco-hub-crs-storage.adoc | 2 +- .../telco-hub-managed-cluster-deployment.adoc | 3 +- modules/telco-hub-networking.adoc | 3 +- modules/telco-hub-software-stack.adoc | 23 +++++---- modules/telco-hub-software-stackup.adoc | 49 +++++++++++++++++++ modules/telco-hub-storage-considerations.adoc | 1 + modules/telco-yaml-reference.adoc | 10 ++++ .../telco-hub-rds.adoc | 1 + 15 files changed, 113 insertions(+), 36 deletions(-) create mode 100644 modules/telco-hub-software-stackup.adoc create mode 100644 modules/telco-yaml-reference.adoc diff --git a/modules/telco-hub-acm-observability.adoc b/modules/telco-hub-acm-observability.adoc index 1ea69d4c6354..6adf85c3a750 100644 --- a/modules/telco-hub-acm-observability.adoc +++ b/modules/telco-hub-acm-observability.adoc @@ -69,10 +69,11 @@ With these input values, the sizing calculator as described in the Red Hat Knowl .Storage requirements [options="header"] |==== -2+|`thanos rule` PV 2+|`thanos store` PV 2+|Object bucket^[1]^ +|`thanos rule` PV 2+|`thanos store` PV 2+|Object bucket -|*Per replica* |*Total* |*Per replica* |*Total* |*Per day* |*Total* +|*Per replica* |*Total* |*Per replica* |*Total* |*Total* -|30 GiB |90 GiB |100 GiB |300 GiB |15 GiB |101 GiB +|30 GiB |90 GiB |100 GiB |300 GiB |310 GiB |==== -[1] For the object bucket, it is assumed that downsampling is disabled, so that only raw data is calculated for storage requirements. + +* It is not possible to set the `Object bucket` size at MCO custom resource with downsampling enabled. This may be available in the future. diff --git a/modules/telco-hub-assisted-service.adoc b/modules/telco-hub-assisted-service.adoc index a681e687199b..b43c2d01d900 100644 --- a/modules/telco-hub-assisted-service.adoc +++ b/modules/telco-hub-assisted-service.adoc @@ -11,11 +11,14 @@ The Assisted Service is deployed with the multicluster engine and {rh-rhacm-firs |Size (GB) |`imageStorage` -|50 +|30 |`filesystemStorage` -|700 +|709 |`dataBaseStorage` -|20 +|0.7 |==== + +* `imageStorage` and `filesystemStorage` are calculated as described in the link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#enable-cim[about enabling central infrastructure management] section of the `MultiClusterEngine` custom resource documentation. +* `dataBaseStorage` is calculated only by empirical estimations based on different factors, such as the cluster topology, the number of events produced during the installation, and hardware and configuration length. Each host will take less than 200KB. \ No newline at end of file diff --git a/modules/telco-hub-crs-advanced-cluster-management.adoc b/modules/telco-hub-crs-advanced-cluster-management.adoc index 10217562ef5e..d38cc2672013 100644 --- a/modules/telco-hub-crs-advanced-cluster-management.adoc +++ b/modules/telco-hub-crs-advanced-cluster-management.adoc @@ -12,18 +12,23 @@ Component,Reference CR,Description,Optional {rh-rhacm},`acmAgentServiceConfig.yaml`,Creates a policy to manage copying data from an object bucket claim into a secret for Observability to connect to Thanos.,No {rh-rhacm},`acmMCE.yaml`,Defines the MultiCluster Engine configuration required by ACM.,No -{rh-rhacm},`acmMCH.yaml`,"Configures a `MultiClusterHub` CR with high availability, enabling various components and specifying installation settings.",No +{rh-rhacm},`acmMCH.yaml`,"Configures a `MultiClusterHub` with high availability, enabling various components and specifying installation settings for Open Cluster Management.",No {rh-rhacm},`acmMirrorRegistryCM.yaml`,Defines the SSL certificates and mirror registry configuration for various Red Hat and {product-title} registries used by the `multicluster-engine` in the `multicluster-engine` namespace.,No {rh-rhacm},`acmNS.yaml`,Defines the `open-cluster-management` namespace with a label to enable cluster monitoring.,No -{rh-rhacm},`acmOperGroup.yaml`,"Defines an OperatorGroup for the `open-cluster-management` namespace, targeting the same namespace.",No +{rh-rhacm},`acmOperGroup.yaml`,"Defines an `OperatorGroup` for the `open-cluster-management` namespace, targeting the same namespace.",No {rh-rhacm},`acmPerfSearch.yaml`,Configures search for Open Cluster Management by defining various parameters and API settings.,No {rh-rhacm},`acmProvisioning.yaml`,Configures a provisioning resource in the metal3.io/v1alpha1 API version to watch all namespaces.,No {rh-rhacm},`acmSubscription.yaml`,Subscribes to the {rh-rhacm} Operator using automatic install plan approval.,No {rh-rhacm},`observabilityMCO.yaml`,Configures `MultiClusterObservability` for managing observability and alerting across multiple clusters.,No {rh-rhacm},`observabilityNS.yaml`,Creates an `open-cluster-management-observability` namespace.,No {rh-rhacm},`observabilityOBC.yaml`,Creates an `ObjectBucketClaim` CR in the `open-cluster-management-observability` namespace.,No -{rh-rhacm},`observabilitySecret.yaml`,Creates a Secret CR in the `open-cluster-management-observability` namespace for storing Docker configuration details.,No -{rh-rhacm},`pull-secret-copy.yaml`,Creates a policy to copy the global pull secret into observability namespaces.,No -{rh-rhacm},`thanosSecret.yaml`,Creates a policy to copy data from an object bucket claim into a secret for observability to connect to Thanos.,No -{cgu-operator},`talmSubscription.yaml`,Creates a `Subscription` CR for {cgu-operator}.,No +{rh-rhacm},`observabilitySecret.yaml`,Creates a `Secret` CR in the `open-cluster-management-observability` namespace for storing containers configuration details.,No +{rh-rhacm},`pullSecretMCSB.yaml`,Creates a `ManagedClusterSetBinding` for the pull secret policy.,No +{rh-rhacm},`pullSecretPlacementBinding.yaml`,Creates the `PlacementBinding` needed for the pull secret policy.,No +{rh-rhacm},`pullSecretPlacement.yaml`,Creates the Placement against local cluster needed for the pull secret policy.,No +{rh-rhacm},`pullSecretPolicy.yaml`,Creates a policy to copy the global pull secret into observability namespaces.,No +{rh-rhacm},`thanosSecretPlacementBinding.yaml`,Creates the `PlacementBinding` needed for the thanos secret policy.,No +{rh-rhacm},`thanosSecretPlacement.yaml`,Creates the Placement against local cluster needed for the thanos secret policy.,No +{rh-rhacm},`thanosSecretPolicy.yaml`,Creates a policy to copy data from an object bucket claim into a secret for observability to connect to Thanos.,No +{cgu-operator},`talmSubscription.yaml`,Creates a `Subscription` CR for TALM.,No |==== diff --git a/modules/telco-hub-crs-container-registry.adoc b/modules/telco-hub-crs-container-registry.adoc index d60959233d62..56132dc55a55 100644 --- a/modules/telco-hub-crs-container-registry.adoc +++ b/modules/telco-hub-crs-container-registry.adoc @@ -16,7 +16,6 @@ Registry,`idms-release.yaml`,Defines an image digest `MirrorSet` CR for {product Registry,`image-config.yaml`,Defines an image configuration CR to manage image registries and policies.,No Registry,`itms-generic.yaml`,Defines an image tag `MirrorSet` CR for mirrored images in a disconnected registry.,No Registry,`itms-release.yaml`,Defines an image tag `MirrorSet` CR for {product-title} release images.,No -Registry,`kustomization.yaml`,Defines a `Kustomization` manifest for registry-related CRs.,No Registry,`operator-hub.yaml`,Configures the `OperatorHub` CR for offline catalog sources.,No Registry,`registry-ca.yaml`,Defines a `ConfigMap` CR containing registry CA certificates.,No |==== diff --git a/modules/telco-hub-crs-gitops-ztp.adoc b/modules/telco-hub-crs-gitops-ztp.adoc index b7461efec4e4..a22b7ebf9365 100644 --- a/modules/telco-hub-crs-gitops-ztp.adoc +++ b/modules/telco-hub-crs-gitops-ztp.adoc @@ -6,25 +6,28 @@ [id="gitops-ztp-crs_{context}"] = {ztp-first} reference CRs -.[ztp] CRs +.{ztp} ZTP CRs [cols="4*", options="header", format=csv] |==== Component,Reference CR,Description,Optional GitOps Operator,`argocd-ssh-known-hosts-cm.yaml`,Defines a `ConfigMap` CR to store SSH known hosts used by ArgoCD in a disconnected environment.,No +GitOps Operator,`addPluginsMCSB.yaml`,Defines the `ManagedClusterSetBinding` for policy used to patch GitOps operator.,No +GitOps Operator,`addPluginsPolicyNS.yaml`,Namespace for GitOps plugin policy.,No +GitOps Operator,`addPluginsPolicyPlacementBinding.yaml`,Defines the `PlacementBinding` for the GitOps plugin policy.,No +GitOps Operator,`addPluginsPolicyPlacement.yaml`,Defines the Placement against local cluster for the GitOps plugin policy.,No GitOps Operator,`addPluginsPolicy.yaml`,Defines a policy to add ArgoCD custom plugins to the GitOps controller.,No GitOps Operator,`argocd-application.yaml`,Defines the ArgoCD Application for GitOps management.,No GitOps Operator,`argocd-tls-certs-cm.yaml`,Defines a `ConfigMap` CR for ArgoCD TLS certificate management.,No GitOps Operator,`clusterrole.yaml`,Defines the `ClusterRole` CR that grants permissions to the GitOps Operator.,No GitOps Operator,`clusterrolebinding.yaml`,Binds the `ClusterRole` CR to the ArgoCD controller `ServiceAccount` CR.,No GitOps Operator,`gitopsNS.yaml`,Defines an `openshift-gitops-operator` namespace with a label for cluster monitoring.,No -GitOps Operator,`gitopsOperatorGroup.yaml`,Defines an OperatorGroup in the `openshift-gitops-operator` namespace with a default upgrade strategy.,No +GitOps Operator,`gitopsOperatorGroup.yaml`,Defines an `OperatorGroup` in the `openshift-gitops-operator` namespace with a default upgrade strategy.,No GitOps Operator,`gitopsSubscription.yaml`,"Defines a subscription for the {product-title} GitOps Operator, specifying automatic install plan approval and source details.",No GitOps Operator,`ztp-repo.yaml`,Defines the Git repository for ZTP manifests and configurations.,No GitOps applications,`app-project.yaml`,Defines an ArgoCD `AppProject` CR specifying resource whitelists and destination rules for cluster and namespace resources.,No GitOps applications,`clusters-app.yaml`,Defines a namespace and an ArgoCD application for managing the deployment of cluster configurations from the specified Git repository.,No -GitOps applications,`gitops-cluster-rolebinding.yaml`,Defines a `ClusterRoleBinding` CR that grants the `cluster-admin` role to the openshift-gitops-argocd-application-controller service account in the `openshift-gitops` namespace.,No +GitOps applications,`gitops-cluster-rolebinding.yaml`,Defines a `ClusterRoleBinding` CR that grants the `cluster-admin` role to the `openshift-gitops-argocd-application-controller` service account in the `openshift-gitops` namespace.,No GitOps applications,`gitops-policy-rolebinding.yaml`,Binds the `cluster-manager-admin` cluster role to the ArgoCD application controller `ServiceAccount` CR.,No -GitOps applications,`kustomization.yaml`,"Defines a Kustomization configuration for the {ztp} application installations, listing various YAML resources to be included.",No GitOps applications,`policies-app-project.yaml`,"Defines an Argo CD AppProject resource, specifying cluster and namespace resource whitelists and destinations.",No -GitOps applications,`policies-app.yaml`,Defines the ArgoCD `Application` CR for policy management.,No +GitOps applications,`policies-app.yaml`,Defines a namespace and an ArgoCD application for policy management.,No |==== diff --git a/modules/telco-hub-crs-image-mirroring.adoc b/modules/telco-hub-crs-image-mirroring.adoc index 94d5e2aa94a5..78048f4c5a68 100644 --- a/modules/telco-hub-crs-image-mirroring.adoc +++ b/modules/telco-hub-crs-image-mirroring.adoc @@ -1,6 +1,6 @@ // Module included in the following assemblies: // -// * scalability_and_performance/telco-hub-rds.adoc +// * scalability-and-performance/telco-hub-rds.adoc :_mod-docs-content-type: REFERENCE [id="image-mirroring-crs_{context}"] @@ -10,5 +10,5 @@ [cols="4*", options="header", format=csv] |==== Component,Reference CR,Description,Optional -Mirroring configuration CRs,`imageset-config.yaml`,"Defines an `ImageSetConfiguration` CR for mirroring {product-title} channels and Operator packages specific to versions and target catalogs.",No +Mirroring configuration CRs,`imageset-config.yaml`,"Defines an `ImageSetConfiguration` CR for mirroring {product-title} channels and Operator packages, specifying versions and target catalogs.",No |==== diff --git a/modules/telco-hub-crs-installation.adoc b/modules/telco-hub-crs-installation.adoc index 830fb203c37f..feca161cb703 100644 --- a/modules/telco-hub-crs-installation.adoc +++ b/modules/telco-hub-crs-installation.adoc @@ -10,6 +10,6 @@ [cols="4*", options="header", format=csv] |==== Component,Reference CR,Description,Optional -Agent-based install,`agent-config.yaml`,"Use this example template `AgentConfig` CR to configure the Agent-based installer, specifying network and device settings for your target hosts.",No -Agent-based install,`install-config.yaml`,"Use this example `install-config.yaml` template to configure your hub cluster installation for networking, control plane, compute nodes, mirror registries, and other environment-specific settings.",No +Agent-based install,`agent-config.yaml`,"Configures the Agent-based installer, specifying network and device settings for the hosts to be installed.",No +Agent-based install,`install-config.yaml`,"Configures the hub cluster installation for networking, control plane, compute nodes, mirror registries, and so on.",No |==== diff --git a/modules/telco-hub-crs-storage.adoc b/modules/telco-hub-crs-storage.adoc index d2ccce2395c6..fcf84523e478 100644 --- a/modules/telco-hub-crs-storage.adoc +++ b/modules/telco-hub-crs-storage.adoc @@ -18,5 +18,5 @@ Local Storage Operator,`lsoSubscription.yaml`,Defines a `Subscription` CR for th {rh-storage},`odfOperatorGroup.yaml`,Defines an `OperatorGroup` for the `openshift-storage` namespace.,Yes {rh-storage},`odfReady.yaml`,Defines a resource to verify readiness of the ODF deployment.,Yes {rh-storage},`odfSubscription.yaml`,"Configures an {product-title} subscription to the {rh-storage} Operator, specifying installation details such as the Operator's name, namespace, channel, and approval strategy.",Yes -{rh-storage},`storageCluster.yaml`,"Defines a `StorageCluster` CR with specific resource requests and limits, storage device sets, and annotations for Argo CD synchronization.",No +{rh-storage},`storageCluster.yaml`,"Defines a `StorageCluster` CR with specific resource requests and limits and storage device sets.,No |==== diff --git a/modules/telco-hub-managed-cluster-deployment.adoc b/modules/telco-hub-managed-cluster-deployment.adoc index 61ae09b1693e..e997c4ab1ae7 100644 --- a/modules/telco-hub-managed-cluster-deployment.adoc +++ b/modules/telco-hub-managed-cluster-deployment.adoc @@ -11,7 +11,8 @@ The `ClusterInstance` CR can be used to initiate cluster installation by using e Limits and requirements:: * The SiteConfig ArgoCD plugin which handles `SiteConfig` CRs is deprecated from {product-title} 4.18. - +* Cluster deployment requires an HTTP server hosting root filesystem and release specific {op-system} live ISO images. Each ISO image for each OpenShift release to be deployed must be reachable by the hub cluster and each deployed spoke cluster. Only include ISO images which exist on the HTTP server in the `AgentServiceConfig` CR. +* A container registry hosting all OpenShift and day-2 {olm-first} operator images reachable from all deployed spoke clusters. The hub configuration includes Kustomize overlays. use them to provide the TLS certificates and credentials for a disconnected container registry. Engineering considerations:: * You must create a `Secret` CR with the login information for the cluster baseboard management controller (BMC). diff --git a/modules/telco-hub-networking.adoc b/modules/telco-hub-networking.adoc index fd9b8fc96375..9f738835144e 100644 --- a/modules/telco-hub-networking.adoc +++ b/modules/telco-hub-networking.adoc @@ -32,7 +32,8 @@ For the above networking configurations, some values are required, or can be aut ** Managed cluster access to hub cluster API service, ingress IP and control plane node IP addresses. ** Managed cluster BMC access to hub cluster control plane node IP addresses. * An image registry must be accessible throughout the lifetime of the hub cluster. -** All required container images must be mirrored to the disconnected registry. +** All required container images must be mirrored to the disconnected registry. All OpenShift releases and {olm}} Operator release images needed in your deployment must be mirrored to the registry. Find an example of mirroring configuration in the reference as `imageset-config.yaml`, which must be updated to include your needed versions. Only `ClusterImageSet` custom resources that reference mirrored versions support deploying clusters. + ** The hub cluster must be configured to use a disconnected registry. ** The hub cluster cannot host its own image registry. For example, the registry must be available in a scenario where a power failure affects all cluster nodes. diff --git a/modules/telco-hub-software-stack.adoc b/modules/telco-hub-software-stack.adoc index ba7626b96b1b..f204e8b008d9 100644 --- a/modules/telco-hub-software-stack.adoc +++ b/modules/telco-hub-software-stack.adoc @@ -15,28 +15,31 @@ The telco hub 4.19 solution has been validated using the following Red{nbsp}Hat |Component |Software version |{product-title} -|4.19 +|4.20 + +|{rh-rhacm-first} +|2.15 |Local Storage Operator -|4.19 +|4.20 |{odf-first} -|4.18 - -|{rh-rhacm-first} -|2.13 +|4.20 |{gitops-title} -|1.16 +|1.18 |{ztp-first} plugins -|4.19 +|4.20 |{mce-short} PolicyGenerator plugin -|2.13 +|2.10 |{cgu-operator-first} -|4.19 +|4.20 + +|{quay} (internal only) +|3.13 |Cluster Logging Operator |6.2 diff --git a/modules/telco-hub-software-stackup.adoc b/modules/telco-hub-software-stackup.adoc new file mode 100644 index 000000000000..42ef2a61e0fe --- /dev/null +++ b/modules/telco-hub-software-stackup.adoc @@ -0,0 +1,49 @@ +// Module included in the following assemblies: +// +// * scalability_and_performance/telco_core_ref_design_specs/telco-core-rds.adoc + +:_mod-docs-content-type: REFERENCE +[id="telco-hub-software-stackup_{context}"] += Software stackup + +The following y-stream versions were used in validation + +[width="100%",cols="62%,38%",options="header",] +|==== +|Hub Cluster Component +|Software Version (y-stream) + +|{OCP} +|4.20 + +|{rh-rhacm-first} +|2.15 + +|Local Storage Operator +|4.20 + +|{rh-storage-first} +|4.20 + +|Red Hat OpenShift GitOps Operator +|1.18 + +|{ztp-first} +|4.20 + +|multicluster engine Operator PolicyGenerator plugin +|2.10 + +|{cgu-operator-first} +|4.20 + +|Cluster Logging Operator +|6.2 + +|{oadp-first} +|The version aligned with the {rh-rhacm} release. + +|==== + + +:leveloffset!: diff --git a/modules/telco-hub-storage-considerations.adoc b/modules/telco-hub-storage-considerations.adoc index b7997debe64c..827590a6d8f3 100644 --- a/modules/telco-hub-storage-considerations.adoc +++ b/modules/telco-hub-storage-considerations.adoc @@ -13,6 +13,7 @@ The hub cluster reference configuration provides storage through {rh-storage-fir Engineering considerations:: * Use SSD or NVMe disks with low latency and high throughput for etcd storage. +* To use {rh-storage}, storage disks must be clean, specially before a reinstallation. See additional resource for more details. * The storage solution for telco hub clusters is {rh-storage}. ** Local Storage Operator supports the storage class used by {rh-storage} to provide block, file, and object storage as needed by other components on the hub cluster. * The Local Storage Operator `LocalVolume` configuration includes setting `forceWipeDevicesAndDestroyAllData: true` to support the reinstallation of hub cluster nodes where {rh-storage} has previously been used. diff --git a/modules/telco-yaml-reference.adoc b/modules/telco-yaml-reference.adoc new file mode 100644 index 000000000000..8f1c8a0324a7 --- /dev/null +++ b/modules/telco-yaml-reference.adoc @@ -0,0 +1,10 @@ +// Module included in the following assemblies: +// +// * scalability_and_performance/telco_core_ref_design_specs/telco-core-rds.adoc + +:_mod-docs-content-type: REFERENCE +[id="telco-yaml-reference_{context}"] += Hub cluster reference configuration CRs + +The following is the complete YAML reference of all the custom resources (CRs) for the telco management hub reference configuration in 4.20. + diff --git a/scalability_and_performance/telco-hub-rds.adoc b/scalability_and_performance/telco-hub-rds.adoc index 59d004d3fe88..3d72d0027045 100644 --- a/scalability_and_performance/telco-hub-rds.adoc +++ b/scalability_and_performance/telco-hub-rds.adoc @@ -90,6 +90,7 @@ include::modules/telco-hub-storage-considerations.adoc[leveloffset=+2] [role="_additional-resources"] .Additional resources +* link:https://access.redhat.com/solutions/7114870[ODF disks cleaning procedure] * xref:../storage/understanding-persistent-storage.adoc#persistent-storage-overview_understanding-persistent-storage[Persistent storage overview] * link:https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/latest/html/red_hat_openshift_data_foundation_architecture/index[{rh-storage} architecture] * xref:../storage/persistent_storage_local/persistent-storage-local.adoc#persistent-storage-using-local-volume[Persistent storage using local volumes]