Skip to content

Latest commit

 

History

History
96 lines (63 loc) · 5.33 KB

installing-restricted-networks-azure-installer-provisioned.adoc

File metadata and controls

96 lines (63 loc) · 5.33 KB

Installing a cluster on Azure in a restricted network

In {product-title} version {product-version}, you can install a cluster on Microsoft Azure in a restricted network by creating an internal mirror of the installation release content on an existing Azure Virtual Network (VNet).

Important

You can install an {product-title} cluster by using mirrored installation release content, but your cluster requires internet access to use the Azure APIs.

Prerequisites

  • You mirrored the images for a disconnected installation to your registry and obtained the imageContentSources data for your version of {product-title}.

    Important

    Because the installation media is on the mirror host, you can use that computer to complete all installation steps.

  • You have an existing VNet in Azure. While installing a cluster in a restricted network that uses installer-provisioned infrastructure, you cannot use the installer-provisioned VNet. You must use a user-provisioned VNet that satisfies one of the following requirements:

    • The VNet contains the mirror registry.

    • The VNet has firewall rules or a peering connection to access the mirror registry hosted elsewhere.

Alternatives to storing administrator-level secrets in the kube-system project

By default, administrator secrets are stored in the kube-system project. If you configured the credentialsMode parameter in the install-config.yaml file to Manual, you must use one of the following alternatives:

Configuring an Azure cluster to use short-term credentials

To install a cluster that uses {entra-first}, you must configure the Cloud Credential Operator utility and create the required Azure resources for your cluster.

Next steps