creating-infrastructure-machinesets.adoc

Creating infrastructure machine sets

modules/machine-user-provisioned-limitations.adoc

You can use infrastructure machine sets to create machines that host only infrastructure components, such as the default router, the integrated container image registry, and the components for cluster metrics and monitoring. These infrastructure machines are not counted toward the total number of subscriptions that are required to run the environment.

In a production deployment, it is recommended that you deploy at least three machine sets to hold infrastructure components. {SMProductName} deploys Elasticsearch, which requires three instances to be installed on different nodes. Each of these nodes can be deployed to different availability zones for high availability. This configuration requires three different machine sets, one for each availability zone. In global Azure regions that do not have multiple availability zones, you can use availability sets to ensure high availability.

modules/infrastructure-components.adoc

For information about infrastructure nodes and which components can run on infrastructure nodes, see the "Red Hat OpenShift control plane and infrastructure nodes" section in the OpenShift sizing and subscription guide for enterprise Kubernetes document.

To create an infrastructure node, you can use a machine set, label the node, or use a machine config pool.

Creating infrastructure machine sets for production environments

In a production deployment, it is recommended that you deploy at least three compute machine sets to hold infrastructure components. {SMProductName} deploys Elasticsearch, which requires three instances to be installed on different nodes. Each of these nodes can be deployed to different availability zones for high availability. A configuration like this requires three different compute machine sets, one for each availability zone. In global Azure regions that do not have multiple availability zones, you can use availability sets to ensure high availability.

Creating infrastructure machine sets for different clouds

Use the sample compute machine set for your cloud.

modules/machineset-yaml-aws.adoc

Machine sets running on AWS support non-guaranteed Spot Instances. You can save on costs by using Spot Instances at a lower price compared to On-Demand Instances on AWS. Configure Spot Instances by adding spotMarketOptions to the MachineSet YAML file.

modules/machineset-yaml-azure.adoc

Machine sets running on Azure support non-guaranteed Spot VMs. You can save on costs by using Spot VMs at a lower price compared to standard VMs on Azure. You can configure Spot VMs by adding spotVMOptions to the MachineSet YAML file.

Additional resources

• Selecting an Azure Marketplace image

modules/machineset-yaml-azure-stack-hub.adoc

Note	Machine sets running on Azure Stack Hub do not support non-guaranteed Spot VMs.

modules/machineset-yaml-ibm-cloud.adoc

modules/machineset-yaml-gcp.adoc

Machine sets running on GCP support non-guaranteed preemptible VM instances. You can save on costs by using preemptible VM instances at a lower price compared to normal instances on GCP. You can configure preemptible VM instances by adding preemptible to the MachineSet YAML file.

modules/machineset-yaml-nutanix.adoc

modules/machineset-yaml-osp.adoc

modules/machineset-yaml-vsphere.adoc

modules/machineset-creating.adoc

modules/creating-an-infra-node.adoc

Additional resources

• Moving resources to infrastructure machine sets

modules/creating-infra-machines.adoc

Additional resources

• See Node configuration management with machine config pools for more information on grouping infra machines in a custom pool.

Assigning machine set resources to infrastructure nodes

After creating an infrastructure machine set, the worker and infra roles are applied to new infra nodes. Nodes with the infra role applied are not counted toward the total number of subscriptions that are required to run the environment, even when the worker role is also applied.

However, with an infra node being assigned as a worker, there is a chance user workloads could get inadvertently assigned to an infra node. To avoid this, you can apply a taint to the infra node and tolerations for the pods you want to control.

modules/binding-infra-node-workloads-using-taints-tolerations.adoc

Additional resources

• See Controlling pod placement using the scheduler for general information on scheduling a pod to a node.

• See Moving resources to infrastructure machine sets for instructions on scheduling pods to infra nodes.

• See Understanding taints and tolerations for more details about different effects of taints.

Moving resources to infrastructure machine sets

Some of the infrastructure resources are deployed in your cluster by default. You can move them to the infrastructure machine sets that you created by adding the infrastructure node selector, as shown:

spec:
  nodePlacement: (1)
    nodeSelector:
      matchLabels:
        node-role.kubernetes.io/infra: ""
    tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/infra
      value: reserved
    - effect: NoExecute
      key: node-role.kubernetes.io/infra
      value: reserved

1. Add a nodeSelector parameter with the appropriate value to the component you want to move. You can use a nodeSelector in the format shown or use <key>: <value> pairs, based on the value specified for the node. If you added a taint to the infrasructure node, also add a matching toleration.

Applying a specific node selector to all infrastructure components causes {product-title} to schedule those workloads on nodes with that label.

modules/infrastructure-moving-router.adoc

modules/infrastructure-moving-registry.adoc

modules/infrastructure-moving-monitoring.adoc

modules/nodes-pods-vertical-autoscaler-moving-vpa.adoc

Additional resources

• Moving monitoring components to different nodes

• Using node selectors to move logging resources

• Using taints and tolerations to control logging pod placement