Merge pull request #41943 from jeana-redhat/OSDOCS-2853_Alibaba_Cloud_machine_mgmt

OSDOCS-2853: Alibaba Cloud machine management

Author: jeana-redhat

_topic_maps/_topic_map.yml

@@ -1755,6 +1755,8 @@ Topics:
   Dir: creating_machinesets
   Distros: openshift-origin,openshift-enterprise
   Topics:
+  - Name: Creating a machine set on Alibaba Cloud
+    File: creating-machineset-alibaba
   - Name: Creating a machine set on AWS
     File: creating-machineset-aws
   - Name: Creating a machine set on Azure

machine_management/creating-infrastructure-machinesets.adoc

@@ -26,6 +26,12 @@ In a production deployment, it is recommended that you deploy at least three mac
 
 Use the sample machine set for your cloud.
 
+include::modules/machineset-yaml-alibaba.adoc[leveloffset=+3]
+
+//Machine set parameters for Alibaba Cloud usage statistics
+[discrete]
+include::modules/machineset-yaml-alibaba-usage-stats.adoc[leveloffset=+4]
+
 include::modules/machineset-yaml-aws.adoc[leveloffset=+3]
 
 Machine sets running on AWS support non-guaranteed xref:../machine_management/creating_machinesets/creating-machineset-aws.adoc#machineset-non-guaranteed-instance_creating-machineset-aws[Spot Instances]. You can save on costs by using Spot Instances at a lower price compared to

machine_management/creating_machinesets/creating-machineset-alibaba.adoc

@@ -0,0 +1,24 @@
+:_content-type: ASSEMBLY
+[id="creating-machineset-alibaba"]
+= Creating a machine set on Alibaba Cloud
+include::modules/common-attributes.adoc[]
+:context: creating-machineset-alibaba
+
+toc::[]
+
+You can create a different machine set to serve a specific purpose in your {product-title} cluster on Alibaba Cloud. For example, you might create infrastructure machine sets and related machines so that you can move supporting workloads to the new machines.
+
+//[IMPORTANT] admonition for UPI
+include::modules/machine-user-provisioned-limitations.adoc[leveloffset=+1]
+
+//Machine API overview
+include::modules/machine-api-overview.adoc[leveloffset=+1]
+
+//Sample YAML for a machine set custom resource on Alibaba Cloud
+include::modules/machineset-yaml-alibaba.adoc[leveloffset=+1]
+
+//Machine set parameters for Alibaba Cloud usage statistics
+include::modules/machineset-yaml-alibaba-usage-stats.adoc[leveloffset=+2]
+
+//Creating a machine set
+include::modules/machineset-creating.adoc[leveloffset=+1]

modules/machineset-yaml-alibaba-usage-stats.adoc

@@ -0,0 +1,95 @@
+// Module included in the following assemblies:
+//
+// * machine_management/creating-infrastructure-machinesets.adoc
+// * machine_management/creating_machinesets/creating-machineset-alibaba.adoc
+
+ifeval::["{context}" == "creating-infrastructure-machinesets"]
+:infra:
+endif::[]
+
+:_content-type: REFERENCE
+[id="machineset-yaml-alibaba-usage-stats_{context}"]
+= Machine set parameters for Alibaba Cloud usage statistics
+
+The default machine sets that the installer creates for Alibaba Cloud clusters include nonessential tag values that Alibaba Cloud uses internally to track usage statistics. These tags are populated in the `securityGroups`, `tag`, and `vSwitch` parameters of the `spec.template.spec.providerSpec.value` list.
+
+When creating machine sets to deploy additional machines, you must include the required Kubernetes tags. The usage statistics tags are applied by default, even if they are not specified in the machine sets you create. You can also include additional tags as needed.
+
+The following YAML snippets indicate which tags in the default machine sets are optional and which are required.
+
+.Tags in `spec.template.spec.providerSpec.value.securityGroups`
+[source,yaml]
+----
+spec:
+  template:
+    spec:
+      providerSpec:
+        value:
+          securityGroups:
+          - tags:
+            - Key: kubernetes.io/cluster/<infrastructure_id> <1>
+              Value: owned
+            - Key: GISV
+              Value: ocp
+            - Key: sigs.k8s.io/cloud-provider-alibaba/origin <1>
+              Value: ocp
+            - Key: Name
+              Value: <infrastructure_id>-sg-<role> <2>
+            type: Tags
+----
+<1> Optional: This tag is applied even when not specified in the machine set.
+<2> Required.
++
+where:
++
+* `<infrastructure_id>` is the infrastructure ID that is based on the cluster ID that you set when you provisioned the cluster.
+* `<role>` is the node label to add.
+
+.Tags in `spec.template.spec.providerSpec.value.tag`
+[source,yaml]
+----
+spec:
+  template:
+    spec:
+      providerSpec:
+        value:
+          tag:
+          - Key: kubernetes.io/cluster/<infrastructure_id> <2>
+            Value: owned
+          - Key: GISV <1>
+            Value: ocp
+          - Key: sigs.k8s.io/cloud-provider-alibaba/origin <1>
+            Value: ocp
+----
+<1> Optional: This tag is applied even when not specified in the machine set.
+<2> Required.
++
+where `<infrastructure_id>` is the infrastructure ID that is based on the cluster ID that you set when you provisioned the cluster.
+
+.Tags in `spec.template.spec.providerSpec.value.vSwitch`
+[source,yaml]
+----
+spec:
+  template:
+    spec:
+      providerSpec:
+        value:
+          vSwitch:
+            tags:
+            - Key: kubernetes.io/cluster/<infrastructure_id> <1>
+              Value: owned
+            - Key: GISV <1>
+              Value: ocp
+            - Key: sigs.k8s.io/cloud-provider-alibaba/origin <1>
+              Value: ocp
+            - Key: Name
+              Value: <infrastructure_id>-vswitch-<zone> <2>
+            type: Tags
+----
+<1> Optional: This tag is applied even when not specified in the machine set.
+<2> Required.
++
+where:
++
+* `<infrastructure_id>` is the infrastructure ID that is based on the cluster ID that you set when you provisioned the cluster.
+* `<zone>` is the zone within your region to place machines on.

modules/machineset-yaml-alibaba.adoc

@@ -0,0 +1,154 @@
+// Module included in the following assemblies:
+//
+// * machine_management/creating-infrastructure-machinesets.adoc
+// * machine_management/creating_machinesets/creating-machineset-alibaba.adoc
+
+ifeval::["{context}" == "creating-infrastructure-machinesets"]
+:infra:
+endif::[]
+
+:_content-type: REFERENCE
+[id="machineset-yaml-alibaba_{context}"]
+= Sample YAML for a machine set custom resource on Alibaba Cloud
+
+This sample YAML defines a machine set that runs in a specified Alibaba Cloud zone in a region and creates nodes that are labeled with
+ifndef::infra[`node-role.kubernetes.io/<role>: ""`.]
+ifdef::infra[`node-role.kubernetes.io/infra: ""`.]
+
+In this sample, `<infrastructure_id>` is the infrastructure ID label that is based on the cluster ID that you set when you provisioned the cluster, and
+ifndef::infra[`<role>`]
+ifdef::infra[`<infra>`]
+is the node label to add.
+
+[source,yaml]
+----
+apiVersion: machine.openshift.io/v1beta1
+kind: MachineSet
+metadata:
+  labels:
+    machine.openshift.io/cluster-api-cluster: <infrastructure_id> <1>
+ifndef::infra[]
+    machine.openshift.io/cluster-api-machine-role: <role> <2>
+    machine.openshift.io/cluster-api-machine-type: <role> <2>
+  name: <infrastructure_id>-<role>-<zone> <3>
+endif::infra[]
+ifdef::infra[]
+    machine.openshift.io/cluster-api-machine-role: <infra> <2>
+    machine.openshift.io/cluster-api-machine-type: <infra> <2>
+  name: <infrastructure_id>-<infra>-<zone> <3>
+endif::infra[]
+  namespace: openshift-machine-api
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      machine.openshift.io/cluster-api-cluster: <infrastructure_id> <1>
+ifndef::infra[]
+      machine.openshift.io/cluster-api-machineset: <infrastructure_id>-<role>-<zone> <3>
+endif::infra[]
+ifdef::infra[]
+      machine.openshift.io/cluster-api-machineset: <infrastructure_id>-<infra>-<zone> <3>
+endif::infra[]
+  template:
+    metadata:
+      labels:
+        machine.openshift.io/cluster-api-cluster: <infrastructure_id> <1>
+ifndef::infra[]
+        machine.openshift.io/cluster-api-machine-role: <role> <2>
+        machine.openshift.io/cluster-api-machine-type: <role> <2>
+        machine.openshift.io/cluster-api-machineset: <infrastructure_id>-<role>-<zone> <3>
+endif::infra[]
+ifdef::infra[]
+        machine.openshift.io/cluster-api-machine-role: <infra> <2>
+        machine.openshift.io/cluster-api-machine-type: <infra> <2>
+        machine.openshift.io/cluster-api-machineset: <infrastructure_id>-<infra>-<zone> <3>
+endif::infra[]
+    spec:
+      metadata:
+        labels:
+ifndef::infra[]
+          node-role.kubernetes.io/<role>: ""
+endif::infra[]
+ifdef::infra[]
+          node-role.kubernetes.io/infra: ""
+endif::infra[]
+      providerSpec:
+        value:
+          apiVersion: machine.openshift.io/v1
+          credentialsSecret:
+            name: alibabacloud-credentials
+          imageId: <image_id> <4>
+          instanceType: <instance_type> <5>
+          kind: AlibabaCloudMachineProviderConfig
+          ramRoleName: <infrastructure_id>-role-worker <6>
+          regionId: <region> <7>
+          resourceGroup: <8>
+            id: <resource_group_id>
+            type: ID
+          securityGroups:
+          - tags: <9>
+            - Key: Name
+              Value: <infrastructure_id>-sg-<role>
+            type: Tags
+          systemDisk: <10>
+            category: cloud_essd
+            size: <disk_size>
+          tag: <9>
+          - Key: kubernetes.io/cluster/<infrastructure_id>
+            Value: owned
+          userDataSecret:
+            name: <user_data_secret> <11>
+          vSwitch:
+            tags: <9>
+            - Key: Name
+              Value: <infrastructure_id>-vswitch-<zone>
+            type: Tags
+          vpcId: ""
+          zoneId: <zone> <12>
+ifdef::infra[]
+        taints: <13>
+        - key: node-role.kubernetes.io/infra
+          effect: NoSchedule
+endif::infra[]
+----
+<1> Specify the infrastructure ID that is based on the cluster ID that you set when you provisioned the cluster. If you have the OpenShift CLI (`oc`) installed, you can obtain the infrastructure ID by running the following command:
++
+[source,terminal]
+----
+$ oc get -o jsonpath='{.status.infrastructureName}{"\n"}' infrastructure cluster
+----
+ifndef::infra[]
+<2> Specify the node label to add.
+<3> Specify the infrastructure ID, node label, and zone.
+endif::infra[]
+ifdef::infra[]
+<2> Specify the `<infra>` node label.
+<3> Specify the infrastructure ID, `<infra>` node label, and zone.
+endif::infra[]
+<4> Specify the image to use. Use an image from an existing default machine set for the cluster.
+<5> Specify the instance type you want to use for the machine set.
+<6> Specify the name of the RAM role to use for the machine set. Use the value that the installer populates in the default machine set.
+<7> Specify the region to place machines on.
+<8> Specify the resource group and type for the cluster. You can use the value that the installer populates in the default machine set, or specify a different one.
+<9> Specify the tags to use for the machine set. Minimally, you must include the tags shown in this example, with appropriate values for your cluster. You can include additional tags, including the tags that the installer populates in the default machine set it creates, as needed.
+<10> Specify the type and size of the root disk. Use the `category` value that the installer populates in the default machine set it creates. If required, specify a different value in gigabytes for `size`.
+<11> Specify the name of the secret in the user data YAML file that is in the `openshift-machine-api` namespace. Use the value that the installer populates in the default machine set.
+<12> Specify the zone within your region to place machines on. Be sure that your region supports the zone that you specify.
+ifdef::infra[]
+<13> Specify a taint to prevent user workloads from being scheduled on infra nodes.
+endif::infra[]
+
+ifeval::["{context}" == "creating-infrastructure-machinesets"]
+:!infra:
+endif::[]
+ifeval::["{context}" == "cluster-tasks"]
+:!infra:
+endif::[]
+
+////
+Not needed for this release, but the process to create a new value for the name of the secret in the user data YAML file is:
+1. Create a file (script with things you want to run).
+2. Run base64 encoding on the script.
+3. Add the base64-encoded string to a user data YAML file like this one: https://github.com/openshift/cluster-api-provider-alibaba/blob/main/examples/userdata.yml#L1 The `name` in that file should match the `userDataSecret` name in the machine set.
+4. Place the user data file in the `openshift-machine-api` namespace.
+////