[Guide] OpenShift on vSphere - Roles and Permissions
Deployment Mode: Installed Provisioned Infrastructure
OpenShift Installer-Provisioned Infrastructure (IPI) is a deployment method for OpenShift Container Platform that provides a full-stack automated installation and setup process.
The installer manages all aspects of the cluster deployment, including the underlying infrastructure and the operating system itself. IPI creates a bootstrap virtual machine on a provisioner node, which assists in deploying the OpenShift cluster.
The most common way to deploy OpenShift is on vSphere. For the vSphere Integration Permissions are needed:
Create vSphere Roles and Permissions
I created a PowerShell Script to create all the necessary vSphere Roles and Permissions:
Full script here
The script will generate the Roles, assigning the vSphere Roles to the required vSphere Objects is still needed, depending on your setup.
Always needed:
- Assing the 'OpenShift_vCenter Role' on the vCenter Object.
- Assign the 'OpenShift_Datastore Role' to the Datastore OpenShift will run on.
- Assign the 'OpenShift_PortGroup Role' to the Portgroup OpenShift will run on.
- Assign the 'OpenShift_VMFolder Role' where your OpenShift VMs will reside
Optional:
- Assign the 'OpenShift_Cluster Role' to your vSphere Cluster. If VMs will be created in the cluster root
- Assign the 'OpenShift_ResourcePool Role' to your vSphere Ressource Pool. If an existing resource pool is provided
- Assign the 'OpenShift_Datacenter Role' to your Datacenter. If the installation program creates the virtual machine folder