Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1856

ARO/HCP Managed/Workload Identities for Control Plane and Data plane - v3

XMLWordPrintable

    • Strategic Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-987Hosted Control Planes is seamlessly integrated as a backend for ARO
    • 100% To Do, 0% In Progress, 0% Done
    • 8
    • 0
    • Backlog Refinement

      Feature Overview (aka. Goal Summary)  

      In order for Managed OpenShift Hosted Control Planes to run as part of the Azure Redhat OpenShift, it is necessary to support the new AKS design for secrets/identities.

      Goals (aka. expected user outcomes)

      Hosted Cluster components use the secrets/identities provided/referenced in the Hosted Cluster resources creation.

      Requirements (aka. Acceptance Criteria):

      All OpenShift Hosted Cluster components running with the appropriate managed or workload identity.

       

      Anyone reviewing this Feature needs to know which deployment configurations that the Feature will apply to (or not) once it's been completed.  Describe specific needs (or indicate N/A) for each of the following deployment scenarios. For specific configurations that are out-of-scope for a given release, ensure you provide the OCPSTRAT (for the future to be supported configuration) as well.

      Deployment considerations List applicable specific needs (N/A = not applicable)
      Self-managed, managed, or both Managed
      Classic (standalone cluster) No
      Hosted control planes Yes
      Multi node, Compact (three node), or Single node (SNO), or all All supported ARO/HCP topologies
      Connected / Restricted Network All supported ARO/HCP topologies
      Architectures, e.g. x86_x64, ARM (aarch64), IBM Power (ppc64le), and IBM Z (s390x) All supported ARO/HCP topologies
      Operator compatibility All core operators
      Backport needed (list applicable versions) OCP 4.18.z
      UI need (e.g. OpenShift Console, dynamic plugin, OCM) No
      Other (please specify)  

      Background

      This is a follow-up to OCPSTRAT-979 required by an AKS sweeping change to how identities need to be handled.

      Documentation Considerations

      Should only affect ARO/HCP documentation rather than Hosted Control Planes documentation.

      Interoperability Considerations

      Does not affect ROSA or any of the supported self-managed Hosted Control Planes platforms

              rh-ee-brcox Bryan Cox
              asegurap1@redhat.com Antoni Segura Puimedon
              He Liu He Liu
              Matthew Werner Matthew Werner
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: