Merge pull request #58637 from xenolinux/tags

michaelryanpeter · web-flow · commit 24c2af344ef0 · 2023-04-20T11:09:02.000-04:00
OCPBUGS#11250: Add prohibited tags for AWS VPC
diff --git a/modules/installation-custom-aws-vpc.adoc b/modules/installation-custom-aws-vpc.adoc
@@ -96,9 +96,9 @@ In case you need to create a public subnet in the AWS Outposts, verify that this
 To access your local cluster over your local network, the VPC must be associated with your Outpost's local gateway route table. For more information, see link:https://docs.aws.amazon.com/outposts/latest/userguide/outposts-local-gateways.html#vpc-associations[VPC associations] in the AWS Outposts User Guide.
 ====
 endif::aws-outposts[]
-* The VPC must not use the `kubernetes.io/cluster/.*: owned` tag.
+* The VPC must not use the `kubernetes.io/cluster/.*: owned`, `Name`, and `openshift.io/cluster` tags.
 +
-The installation program modifies your subnets to add the `kubernetes.io/cluster/.*: shared` tag, so your subnets must have at least one free tag slot available for it. See link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-restrictions[Tag Restrictions] in the AWS documentation to confirm that the installation program can add a tag to each subnet that you specify.
+The installation program modifies your subnets to add the `kubernetes.io/cluster/.*: shared` tag, so your subnets must have at least one free tag slot available for it. See link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-restrictions[Tag Restrictions] in the AWS documentation to confirm that the installation program can add a tag to each subnet that you specify. You cannot use a `Name` tag, because it overlaps with the EC2 `Name` field and the installation fails.
 * You must enable the `enableDnsSupport` and `enableDnsHostnames` attributes in your VPC, so that the cluster can use the Route 53 zones that are attached to the VPC to resolve cluster's internal DNS records. See link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support[DNS Support in Your VPC] in the AWS documentation.
 +
 If you prefer to use your own Route 53 hosted private zone, you must associate the existing hosted zone with your VPC prior to installing a cluster. You can define your hosted zone using the `platform.aws.hostedZone` field in the `install-config.yaml` file.

Original file line number	Diff line number	Diff line change
`@@ -96,9 +96,9 @@ In case you need to create a public subnet in the AWS Outposts, verify that this`
`96`	`96`	`To access your local cluster over your local network, the VPC must be associated with your Outpost's local gateway route table. For more information, see link:https://docs.aws.amazon.com/outposts/latest/userguide/outposts-local-gateways.html#vpc-associations[VPC associations] in the AWS Outposts User Guide.`
`97`	`97`	`====`
`98`	`98`	`endif::aws-outposts[]`
`99`		-* The VPC must not use the `kubernetes.io/cluster/.*: owned` tag.
	`99`	+* The VPC must not use the `kubernetes.io/cluster/.*: owned`, `Name`, and `openshift.io/cluster` tags.
`100`	`100`	`+`
`101`		-The installation program modifies your subnets to add the `kubernetes.io/cluster/.*: shared` tag, so your subnets must have at least one free tag slot available for it. See link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-restrictions[Tag Restrictions] in the AWS documentation to confirm that the installation program can add a tag to each subnet that you specify.
	`101`	+The installation program modifies your subnets to add the `kubernetes.io/cluster/.*: shared` tag, so your subnets must have at least one free tag slot available for it. See link:https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-restrictions[Tag Restrictions] in the AWS documentation to confirm that the installation program can add a tag to each subnet that you specify. You cannot use a `Name` tag, because it overlaps with the EC2 `Name` field and the installation fails.
`102`	`102`	* You must enable the `enableDnsSupport` and `enableDnsHostnames` attributes in your VPC, so that the cluster can use the Route 53 zones that are attached to the VPC to resolve cluster's internal DNS records. See link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support[DNS Support in Your VPC] in the AWS documentation.
`103`	`103`	`+`
`104`	`104`	If you prefer to use your own Route 53 hosted private zone, you must associate the existing hosted zone with your VPC prior to installing a cluster. You can define your hosted zone using the `platform.aws.hostedZone` field in the `install-config.yaml` file.