How to install ROSA with an existing VPC


Environment

  • Red Hat OpenShift Service on AWS (ROSA)
    • 4

Issue

  • How to install a ROSA cluster with an existing custom VPC?
  • Errors like the following are shown during the bootstrap phase when deploying a ROSA cluster:

    level=error msg="Bootstrap failed to complete: timed out waiting for the condition"
    level=error msg="Failed to wait for bootstrapping to complete. This error usually happens when there is a problem with control plane hosts that prevents the control plane operators from creating the control plane."
    level=fatal msg="Bootstrap failed to complete"
    level=error msg="error after waiting for command completion" error="exit status 1" installID=xxxxxxxx
    level=error msg="error provisioning cluster" error="exit status 1" installID=xxxxxxxx
    level=error msg="error running openshift-install, running deprovision to clean up" error="exit status 1" installID=xxxxxxxx
    

Resolution

Bootstrap phase failures are usually caused by incorrect network or DNS configuration for the ROSA cluster.

The documentation for creating a ROSA cluster with STS (which is the preferred method) already includes the optional steps to install the cluster into an existing VPC.

Refer also to the VPC prerequisites when creating/configuring the custom VPC.

IMPORTANT: Don't install a ROSA cluster in an existing VPC that was created by the ROSA installer for a previous cluster. If the cluster that created the VPC during its installation is deleted, the VPC created by the installer will also be deleted, and that will cause the new cluster installed in the same VPC to fail.

When using an existing VPC, remember to tag it with the AWS cluster tag set to the value shared, as below:

"tagSet": {
  "items": [
      {
          "key": "kubernetes.io/cluster/xxxxxxxxxxx-xxxxx",
          "value": "shared"
      }
  ]
}

If the tag value is set to owned, deleting the tagged cluster will impact the other clusters present in the same VPC.
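
As an added example (not part of the original article or of Red Hat's tooling), the following Python script audits tagging requests in the tagSet layout shown above and reports any kubernetes.io/cluster/ tag whose value is not shared, along with the other clusters tagged on the same resource. The resourcesSet wrapper, resource IDs and cluster names are assumptions constructed for the illustration.

```python
import json

CLUSTER_TAG_PREFIX = "kubernetes.io/cluster/"

# Constructed sample: two tagging requests using the tagSet layout from the article.
# The resourcesSet wrapper, resource IDs and cluster names are made-up placeholders.
SAMPLE = json.loads("""
[
  {"resourcesSet": {"items": [{"resourceId": "vpc-EXAMPLE1"}]},
   "tagSet": {"items": [{"key": "kubernetes.io/cluster/demo-a-abcde", "value": "shared"}]}},
  {"resourcesSet": {"items": [{"resourceId": "vpc-EXAMPLE1"}, {"resourceId": "subnet-EXAMPLE2"}]},
   "tagSet": {"items": [{"key": "kubernetes.io/cluster/demo-b-fghij", "value": "owned"},
                        {"key": "Name", "value": "byo-vpc"}]}}
]
""")

def cluster_tags(request):
    """Yield (resource_id, cluster, value) for every cluster tag in one request."""
    resources = [r["resourceId"] for r in request.get("resourcesSet", {}).get("items", [])]
    for tag in request.get("tagSet", {}).get("items", []):
        key = tag.get("key", "")
        if key.startswith(CLUSTER_TAG_PREFIX):
            for rid in resources:
                yield rid, key[len(CLUSTER_TAG_PREFIX):], tag.get("value", "")

def clusters_per_resource(requests):
    """Map each resource to the set of clusters tagged on it."""
    out = {}
    for req in requests:
        for rid, cluster, _ in cluster_tags(req):
            out.setdefault(rid, set()).add(cluster)
    return out

def audit(requests):
    """Report cluster tags on an existing VPC whose value is not 'shared'."""
    tagged = clusters_per_resource(requests)
    findings = []
    for req in requests:
        for rid, cluster, value in cluster_tags(req):
            if value != "shared":  # e.g. "owned": deleting this cluster affects the others
                findings.append({"resource": rid, "cluster": cluster, "value": value,
                                 "also_tagged_by": sorted(tagged[rid] - {cluster})})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
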

Note: Shared VPC from different accounts is not supported.

Root Cause

Bootstrap phase failures are usually caused by incorrect network or DNS configuration for the ROSA cluster.

Diagnostic Steps

Refer to the documentation for Troubleshooting installations and Troubleshooting cluster deployments.
