Menu Close

2.8.3.2. VPC validation

To ensure that the subnets that you provide are suitable, the installation program confirms the following data:

  • All the subnets that you specify exist.
  • You provide private subnets.
  • The subnet CIDRs belong to the machine CIDR that you specified.
  • You provide subnets for each availability zone. Each availability zone contains no more than one public and one private subnet. If you use a private cluster, provide only a private subnet for each availability zone. Otherwise, provide exactly one public and private subnet for each availability zone.
  • You provide a public subnet for each private subnet availability zone. Machines are not provisioned in availability zones that you do not provide private subnets for.

If you destroy a cluster that uses an existing VPC, the VPC is not deleted. When you remove the OpenShift Container Platform cluster from a VPC, the kubernetes.io/cluster/.*: shared tag is removed from the subnets that it used.