Skip to content

cloud/AWS

Explore the cloud credentials required by OKD on AWS

Are you interested to fine grant cloud Credentials provided to OKD components when deploying a cluster on AWS?

This guide will walk through how you can track the required API calls to AWS services, compile it and compare with requested by components.

At the end of this exploration will be able to fine grant the IAM permissions granted for different components, such as IAM Role or IAM User used by openshift-installer or cluster components.

Keep reading in "OCP on AWS | Experiment | Explore Cloud permissions requested and required"

Deploy OpenShift on AWS using custom IPv4 address

Exciting news for admins who wants more control of Public IP address in the Public Cloud! =]

Starting on 4.16, OpenShift/OKD has the capability to use custom Public IPv4 address (Elastic IP (EIP)) when deploying a cluster on AWS. This can help you in different ways:

  • Allowing to trust in which address range the nodes will egress traffic from the VPC to Internet, allowing to refine the firewall rules in the target services, such as on-premisses, or services published in the internet with restricted access.
  • Allowing to control which address the API server will be used
  • Alloing to decrease the IPv4 charges applied to Elastic IP when using the CIDR IPv4 that you brought to your AWS Account

To begging with, take a look at the following guides: - Install OCP/OKD on AWS using Public IPv4 Pool - Install OCP/OKD on AWS using existing Elastic IPs