Are multiple ROSA clusters in a single VPC supported?

Resolution

The objective of this article is to prescribe support and recommendation of deploying Managed OpenShift using customers' existing VPC resources.

Terminology:

1. Shared-VPC: Deploying and hosting Managed OpenShift cluster using AWS Resource Access Manager (RAM) capability where VPC resources like subnets are shared. Here, the cluster is installed in AWS Account A using the subnets shared by Account B.

2. VPC Co-location: Deploying and hosting more than one Managed OpenShift clusters within VPC that belong to same AWS Account.

3. BYO-VPC: VPC resources created by customers to deploy Managed OpenShift clusters.

Supported Features:

1. Shared-VPC: ROSA and OpenShift Dedicated (OSD) on AWS support installing ROSA Classic (customer-hosted control plane) clusters in Shared-VPC. ROSA does not support installing ROSA with Hosted Control Plane (HCP) clusters in Shared-VPC.

2. VPC Co-location: Deploying more than one ROSA Classic, ROSA with HCP or OSD on AWS cluster in the same VPC is possible and supported. However, it is not recommended because of
   a) overhead in designing VPC and OpenShift Networking configurations and
   b) lack of strict network isolation between clusters. If the benefits outweigh these two considerations, multiple clusters within same VPC can be deployed.

3. BYO-VPC: ROSA HCP, ROSA Classic and OpenShift Dedicated (OSD) on AWS support BYO-VPC. The BYO-VPC must be a VPC not previously created by Managed OpenShift service to host a cluster.

Additional Resources:
1. Refer to OpenShift Documentation for Installing private OpenShift clusters on existing VPC.
2. Refer to OpenShift Documentation for Networking configuration
3. Refer to AWS Documentation for AWS Private Link used by ROSA HCP clusters
4. Refer to AWS Documentation for AWS Elastic Load Balancing
5. Refer to AWS Load Balancer Controller Documentation for Subnet Discovery Tags.
6. Refer to AWS RAM Documentation to learn more about Shared VPC Resources.