apiVersion: v1 additionalTrustBundlePolicy: Always baseDomain: danclark.io compute: - architecture: amd64 hyperthreading: Enabled name: worker replicas: 3 # Set to 0 for a 3 node cluster. Minimum 2 for a standard cluster controlPlane: architecture: amd64 hyperthreading: Enabled name: master replicas: 3 metadata: creationTimestamp: null name: ocp4 networking: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 networkType: OVNKubernetes serviceNetwork: - 172.30.0.0/16 machineNetwork: - cidr: 192.168.1.0/24 # CIDR block of IPs for the physical servers platform: baremetal: apiVIPs: # IP for the API. This is not the same IP of any of the bare metal servers but in the same CIDR block as the machine network - 192.168.1.100 ingressVIPs: # IP for the Ingress. This is not the same IP of any of the bare metal servers but in the same CIDR block as the machine network - 192.168.1.101 publish: External fips: false # Make sure the pull secret has creds for your private repo pullSecret: '' sshKey: 'ssh-rsa .....' # Make sure the additional trust bundle includes the CA of your private registry #additionalTrustBundle: | # -----BEGIN CERTIFICATE----- # -----END CERTIFICATE----- # -----BEGIN CERTIFICATE----- # -----END CERTIFICATE----- # Note: oc mirror will create a file called imageContentSourcePolicy.yaml after pushing images to your private registry # The mappings below can be found in that file and will already have the right registry name and location # these are default examples for a command like # oc-mirror --from bastion.localdomain:5000 imageContentSources: - mirrors: - bastion.localdomain:5000/openshift/release # Change this line to point to your private registry source: quay.io/openshift-release-dev/ocp-v4.0-art-dev - mirrors: - bastion.localdomain:5000/openshift/release-images # Change this line to point to your private registry source: quay.io/openshift-release-dev/ocp-release