On Wed, Sep 22, 2021 at 7:12 PM Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > On Wed, Sep 22, 2021 at 01:03:52PM +0900, David Kirwan wrote: > > Hi all, > > > > We have put a number of SOPs together, related to Openshift 4, installation > > and configuration on Fedora Infra, we are hoping to get some feedback! > > > > If you get a minute please check the following: > > https://pagure.io/infra-docs-fpo/pull-request/8 > > Looks pretty nice to me. Thanks for the detailed docs. ;) > > I do have some other questions, might as well throw them here: > > * On the storage, are we ok if a node goes down? ie, does it spread it > over all the storage nodes/raid? Or is it just in one place and you are > dead if that node dies? > > * Is there any way to backup volumes? > > * should we make a playbooks/manual/ocp.yml playbook for things like > - list of clusteradmins > - list of clustermoniting > - anything else we want to manage post install > > * Have we tried a upgrade of the clusters yet? Did everything go ok? > Do we need any docs on upgrades? > > * Since the control plane are vm's I assume we need to drain them one at > a time to reboot the virthosts they are on? > > * Should we now delete the kubeadmin user? In 3.x I know they advise to > do that after auth is setup. > I'm not sure that's a good idea. I'm not even certain that was a good idea in the OCP 3.x days, because eliminating the kubeadmin user means you lose your failsafe login if all else fails. > * Right now the api is only internal. Is it worth getting a forward > setup to allow folks to use oc locally on their machines? It would > expose that api to the world, but of course it would still need auth. > > * Do we want to try and enable http/2 ingress? > https://docs.openshift.com/container-platform/4.5/networking/ingress-operator.html#nw-http2-haproxy_configuring-ingress > Maybe? I think if we want to have more HA-deployed services, it would make sense to do so. > * We will want to enable kubevirt/whatever it's called... > I think it's formally called OpenShift Virtualization, but yeah, it's KubeVirt. > Thanks for the great docs. +1 on them. > These are awesome, indeed! -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
