In {product-title} version {product-version}, you can install a cluster on Microsoft Azure in a restricted network by creating an internal mirror of the installation release content on an existing Azure Virtual Network (VNet).
Important
|
You can install an {product-title} cluster by using mirrored installation release content, but your cluster requires internet access to use the Azure APIs. |
-
You mirrored the images for a disconnected installation to your registry and obtained the
imageContentSources
data for your version of {product-title}.ImportantBecause the installation media is on the mirror host, you can use that computer to complete all installation steps.
-
You have an existing VNet in Azure. While installing a cluster in a restricted network that uses installer-provisioned infrastructure, you cannot use the installer-provisioned VNet. You must use a user-provisioned VNet that satisfies one of the following requirements:
-
The VNet contains the mirror registry.
-
The VNet has firewall rules or a peering connection to access the mirror registry hosted elsewhere.
-
By default, administrator secrets are stored in the kube-system
project. If you configured the credentialsMode
parameter in the install-config.yaml
file to Manual
, you must use one of the following alternatives:
-
To manage long-term cloud credentials manually, follow the procedure in Manually creating long-term credentials.
-
To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in Configuring an Azure cluster to use short-term credentials.
To install a cluster that uses {entra-first}, you must configure the Cloud Credential Operator utility and create the required Azure resources for your cluster.
-
If necessary, you can opt out of remote health reporting.