Advanced Installation
When creating the agent.iso using the agent-based installer, you can further customize your clusters deployment by editing/adding additional manifests.
GitOps ZTP Manifests¶
Sample GitOps ZTP custom resources
Note
GitOps ZTP manifests can be generated with or without configuring the install-config.yaml and agent-config.yaml files beforehand. If you chose to configure the install-config.yaml and agent-config.yaml files, the configurations will be imported to the ZTP cluster manifests when they are generated. It's easiest to configure both yaml files first so the core config data is captured in a simpler format.
-
Before building the ISO, create the cluster manifests by running:
-
Now, if you navigate to the installation directory, you can edit the cluster-manifests directly
GitOps ZTP: Set masters/control-plane to be schedulable¶
-
Edit the
<installation_directory>/cluster-manifests/agent-cluster-install.yamland add the yaml below underspec: -
Now you can create the agent.iso
-
If this needs to be reverted, you can patch the master nodes after the cluster is built and running:
GitOps ZTP: Enable disk encryption using LUKS¶
Note
If using CLEVIS/TANG, DHCP is required for agent-based installs as there is no good way of passing static IP kernel args to the agent-installer currently. It's possible to patch this in during agent-bootstrap, but difficult. If you want a static-like IP deployment, you can still utilize static-dhcp reservations to get similar behavior
-
Edit the
<installation_directory>/cluster-manifests/agent-cluster-install.yamland add the yaml below underspec: -
Now you can create the agent.iso
Additional Manifests¶
Disabling default catalog sources, and adding your mirrored catalogs¶
You can add additional kubernetes manifests to further customize your cluster on day 0. This will need to be done, along with ImageTagMirrorSet and ImageDigestMirrorSet if you want to install Operators on day 0.
-
Before building the ISO, create a new directory in your
<installation_directory>calledopenshift -
Disabling default catalog sources
-
You can also disable the default Helm Chart Repository as it is configured to look for charts by default on the web
-
Adding your mirrored catalogs. This is the same information that comes from the oc mirror
working-dir/cluster-resources