diff --git a/docs/aws/hosted-control-plane.md b/docs/aws/hosted-control-plane.md index 7fbd8b765..81e045592 100644 --- a/docs/aws/hosted-control-plane.md +++ b/docs/aws/hosted-control-plane.md 
@@ -17,63 +17,51 @@ The networking resources in AWS which are needed for a managed cluster can be reused with a management cluster. If you deployed your AWS Kubernetes cluster using Cluster API Provider AWS (CAPA) -you can obtain all the necessary data with the commands below: +you can obtain all the necessary data with the commands in [HMC Deployment manifest](#hmc-deployment-manifest). -**VPC ID** - -```bash - kubectl get awscluster -o go-template='{{.spec.network.vpc.id}}' -``` +If you want to use different VPCs/regions for your management or managed clusters +you should setup additional connectivity rules like [VPC peering](https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/vpc-peering.html). -**Subnet ID** -```bash - kubectl get awscluster -o go-template='{{(index .spec.network.subnets 0).resourceID}}' -``` +## HMC Deployment manifest -**Availability zone** +Grab the following `Deployment` manifest and save it to a file: -```bash - kubectl get awscluster -o go-template='{{(index .spec.network.subnets 0).availabilityZone}}' +```yaml +apiVersion: hmc.mirantis.com/v1alpha1 +kind: Deployment +metadata: + name: aws-hosted-cp +spec: + template: aws-hosted-cp + config: + vpcID: ${VPC_ID} + region: ${AWS_REGION} + publicIP: true + subnets: + - id: ${AWS_SUBNET_ID} + availabilityZone: ${AWS_AVAILABILITY_ZONE} + amiID: ${AWS_AMI_ID} + instanceType: t3.medium + securityGroupIDs: + - ${AWS_SECURITY_GROUP_ID} ``` -**Security group** -```bash - kubectl get awscluster -o go-template='{{.status.networkStatus.securityGroups.node.id}}' -``` +If deploying using resources from a prior managed cluster, you can use the +commands below, or populate the values manually. 
-**AMI id** -```bash - kubectl get awsmachinetemplate -worker-mt -o go-template='{{.spec.template.spec.ami.id}}' ``` +export CLUSTER_NAME="aws-hosted" -If you want to use different VPCs/regions for your management or managed clusters -you should setup additional connectivity rules like [VPC peering](https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/vpc-peering.html). +export VPC_ID=$(kubectl get awscluster $CLUSTER_NAME -o go-template='{{.spec.network.vpc.id}}') +export AWS_SUBNET_ID=$(kubectl get awscluster $CLUSTER_NAME -o go-template='{{(index .spec.network.subnets 0).resourceID}}') +export AWS_AVAILABILITY_ZONE=$(kubectl get awscluster $CLUSTER_NAME -o go-template='{{(index .spec.network.subnets 0).availabilityZone}}') +export AWS_SECURITY_GROUP_ID=$(kubectl get awscluster $CLUSTER_NAME -o go-template='{{.status.networkStatus.securityGroups.node.id}}') +export AWS_AMI_ID=$(kubectl get awsmachinetemplate $CLUSTER_NAME-worker-mt -o go-template='{{.spec.template.spec.ami.id}}') - -## HMC Deployment manifest - -With all the collected data your `Deployment` manifest will look similar to this: - -```yaml - apiVersion: hmc.mirantis.com/v1alpha1 - kind: Deployment - metadata: - name: aws-hosted-cp - spec: - template: aws-hosted-cp - config: - vpcID: vpc-0a000000000000000 - region: us-west-1 - publicIP: true - subnets: - - id: subnet-0aaaaaaaaaaaaaaaa - availabilityZone: us-west-1b - amiID: ami-0bfffffffffffffff - instanceType: t3.medium - securityGroupIDs: - - sg-0e000000000000000 +envsubst < deployment.yaml > deployment-aws-hosted-cp.yaml ``` -*Note: in this example we're using us-west-1 region, but you should use the region of your VPC* +> [!NOTE] +> In this example we're using the configured `$AWS_REGION`, but you should use the region of your VPC.
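Review bot: the added export block never sets `AWS_REGION`, although the new manifest template contains `region: ${AWS_REGION}`, and `envsubst` replaces unset or empty variables with an empty string without reporting an error. A reader who follows the commands as written can end up with an empty `region:` in `deployment-aws-hosted-cp.yaml`, and the same happens to `vpcID`, the subnet fields, `amiID` and `securityGroupIDs` if any of the `kubectl get` lookups fails. I would add an `export AWS_REGION=...` line to the block and tell the reader to confirm that every variable is non-empty (or to inspect the rendered file) before applying it. Two smaller points in the same hunk: the text says "save it to a file" but the later command reads `deployment.yaml`, so the file name should be stated where the manifest is introduced; and the new command fence has no language tag while the removed ones used `bash`. Writing `${CLUSTER_NAME}-worker-mt` with braces and quoting the expansions would also make the intended variable boundary explicit.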