Cloud Experts Documentation

PrivateLink

Adding a Public Ingress endpoint to a ROSA PrivateLink Cluster

This is an example guide for creating a public ingress endpoint for a ROSA Private-Link cluster. Be aware of the security implications of creating a public subnet in your ROSA VPC this way. Refer to the blog “How to add public Ingress to a PrivateLink ROSA cluster” , to expose applications to the internet by deploying in a PrivateLink Red Hat OpenShift Service on AWS (ROSA) cluster within a truly private Virtual Private Cloud (VPC) that doesn’t have an internet gateway attached to it.

Creating a ROSA cluster with PrivateLink enabled (custom VPC) and STS

This is a combination of the private-link and sts setup documents to show the full picture Prerequisites AWS CLI Rosa CLI v1.1.7 jq AWS Preparation If this is a brand new AWS account that has never had a AWS Load Balancer installed in it, you should run the following aws iam create-service-linked-role --aws-service-name \ "elasticloadbalancing.amazonaws.com" Create the AWS Virtual Private Cloud (VPC) and Subnets For this scenario, we will be using a newly created VPC with both public and private subnets.

Creating a ROSA cluster with PrivateLink enabled

Prerequisites AWS CLI Rosa CLI v1.0.8 jq Create VPC and Subnets The following instructions use the AWS CLI to create the necessary networking to deploy a PrivateLink ROSA cluster into a Single AZ and are intended to be a guide. Ideally you would use an Automation tool like Ansible or Terraform to manage your VPCs. When creating subnets, make sure that subnet(s) are created to an availability zone that has ROSA instances types available.

Interested in contributing to these docs?

Collaboration drives progress. Help improve our documentation The Red Hat Way.

GitHub
Red Hat logo LinkedIn YouTube Facebook Twitter

Products

Tools

Try, buy & sell

Communicate

About Red Hat

We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Subscribe to our newsletter, Red Hat Shares

Sign up now © 2023 Red Hat, Inc.