Merge pull request #85847 from AedinC/OSDOCS-12754

OSDOCS-12754:Restructuring PSC creating a cluster guide to overview one

Author: bmcelvee

_topic_maps/_topic_map_osd.yml

@@ -121,10 +121,10 @@ Name: Installing, accessing, and deleting OpenShift Dedicated clusters
 Dir: osd_install_access_delete_cluster
 Distros: openshift-dedicated
 Topics:
+- Name: Private Service Connect overview
+  File: creating-a-gcp-psc-enabled-private-cluster
 - Name: Creating a cluster on GCP with Workload Identity Federation
   File: creating-a-gcp-cluster-with-workload-identity-federation
-- Name: Creating a GCP Private Service Connect enabled private cluster
-  File: creating-a-gcp-psc-enabled-private-cluster
 - Name: Creating a cluster on GCP
   File: creating-a-gcp-cluster
 #- Name: Creating a cluster on GCP with a Red Hat cloud account

architecture/osd-architecture-models-gcp.adoc

@@ -9,15 +9,18 @@ toc::[]
 With {product-title} on {GCP}, you can create clusters that are accessible over public or private networks.
 
 include::modules/osd-gcp-architecture.adoc[leveloffset=+1]
-include::modules/private-service-connect-overview.adoc[leveloffset=+2]
-include::modules/osd-private-psc-architecture-model-gcp.adoc[leveloffset=+2]
-include::modules/osd-private-architecture-model-gcp.adoc[leveloffset=+2]
-include::modules/osd-public-architecture-model-gcp.adoc[leveloffset=+2]
+include::modules/osd-understanding-private-service-connect.adoc[leveloffset=+1]
+include::modules/private-service-connect-psc-architecture.adoc[leveloffset=+2]
+include::modules/osd-private-psc-architecture-model-gcp.adoc[leveloffset=+1]
+include::modules/osd-private-architecture-model-gcp.adoc[leveloffset=+1]
+include::modules/osd-public-architecture-model-gcp.adoc[leveloffset=+1]
 
 [role="_additional-resources"]
 [id="osd-architecture-models-additional-resources"]
 == Additional resources
 
-* xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc[Creating a GCP Private Service Connect enabled private cluster]
+*  xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc#creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview]
+
+* xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation]
 
 

modules/osd-understanding-private-service-connect.adoc

@@ -0,0 +1,18 @@
+// Module included in the following assemblies:
+//
+// * osd-architecture-models-gcp.adoc
+// * osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="osd-understanding-private-service-connect_{context}"]
+= Understanding Private Service Connect
+
+Private Service Connect (PSC), a capability of Google Cloud networking, enables private communication between services across different projects or organizations within GCP. Users that implement PSC as part of their network connectivity can deploy {product-title} clusters in a private and secured environment within {GCP} without any public facing cloud resources.
+
+For more information about PSC, see link:https://cloud.google.com/vpc/docs/private-service-connect[Private Service Connect].
+
+[IMPORTANT]
+====
+PSC is only available on {product-title} version 4.17 and later, and is only supported by the Customer Cloud Subscription (CCS) infrastructure type.
+====
+

modules/private-service-connect-prereqs.adoc

@@ -27,7 +27,12 @@ For information about how to create a VPC on {GCP}, see link:https://cloud.googl
 
 In addition to the requirements listed above, clusters configured with the **Service Account authentication type** must grant the `IAP-Secured Tunnel User` role to `osd-ccs-admin` service account.
 
-For more information about the prerequisites that must be completed before deploying an {product-title} on {GCP}, see _Additional resources_.
+For more information about the prerequisites that must be completed before deploying an {product-title} on {GCP}, see _Customer Requirements_.
+
+[NOTE]
+====
+PSC is supported with the Customer Cloud Subscription (CCS) infrastructure type only. To create an {product-title} on {GCP} using PSC, see _Creating a cluster on GCP with Workload Identity Federation_.
+====
 
 // [id="prereqs-wif-authentication_{context}"]
 // == Requirements when using Workload Identity Federation authentication type

…es/private-service-connect-overview.adoc …te-service-connect-psc-architecture.adocmodules/private-service-connect-overview.adoc renamed to modules/private-service-connect-psc-architecture.adoc modules/private-service-connect-overview.adoc renamed to modules/private-service-connect-psc-architecture.adoc

@@ -1,20 +1,11 @@
 // Module included in the following assemblies:
 //
 // * osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc
+// * architecture/osd-architecture-models-gcp.adoc
 
 :_mod-docs-content-type: CONCEPT
-[id="private-service-connect-overview_{context}"]
-= Private Service Connect overview
-Private Service Connect (PSC), a capability of Google Cloud networking, enables private communication between services across different projects or organizations within GCP. Users that implement PSC as part of their network connectivity can deploy {product-title} clusters in a private and secured environment within {GCP} without any public facing cloud resources.
-For more information on PSC, see link:https://cloud.google.com/vpc/docs/private-service-connect[Private Service Connect].
-
-[IMPORTANT]
-====
-Private Service Connect is supported by the Customer Cloud Subscription (CCS) infrastructure type only.
-====
-
 [id="psc-architecture_{context}"]
-== Private Service Connect architecture
+= Private Service Connect architecture
 
 The PSC architecture includes producer services and consumer services. Using PSC, the consumers can access producer services privately from inside their VPC network. Similarly, it allows producers to host services in their own separate VPC networks and offer a private connect to their consumers.
 
@@ -32,3 +23,5 @@ The following image depicts how Red HAT SREs and other internal resources access
 
 .PSC architecture overview
 image::psc_arch_2.png[PSC architecture overview]
+
+

osd_getting_started/osd-getting-started.adoc

@@ -31,9 +31,9 @@ Complete the steps in one of the following sections to deploy {product-title} in
 
 * *Creating a cluster on GCP with CCS*: You can install {product-title} in your own {GCP} account by using the CCS model.
 
-** Red Hat recommends using GCP Workload Identity Federation (WIF) as the authentication type for installing and interacting with the {product-title} cluster deployed on {GCP} because it provides enhanced security. For more details, see xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-identity-federation.adoc[Creating a cluster on GCP with Workload Identity Federation].
+** Red Hat recommends using GCP Workload Identity Federation (WIF) as the authentication type for installing and interacting with the {product-title} cluster deployed on {GCP} because it provides enhanced security. For more information, see xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-identity-federation.adoc[Creating a cluster on GCP with Workload Identity Federation].
 
-*** An {product-title} cluster deployed on {GCP} can be created in Private cluster mode, without any cloud resources. In this configuration, Red Hat uses Google Cloud Private Service Connect (PSC) to manage and monitor a cluster to avoid all public ingress network traffic. For more details, see xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc[Creating a GCP Private Service Connect enabled private cluster].
+** Red Hat also recommends creating an {product-title} cluster deployed on {GCP} in Private cluster mode with Private Service Connect (PSC) to manage and monitor a cluster to avoid all public ingress network traffic. For more information, see xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc#creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview].
 
 ** For installing and interacting with the {product-title} cluster deployed on the {GCP} using the Service Account authentication type, see xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster.adoc#osd-create-gcp-cluster-ccs_osd-creating-a-cluster-on-gcp[Creating a cluster on GCP].
 

osd_install_access_delete_cluster/creating-a-gcp-cluster.adoc

@@ -29,14 +29,14 @@ include::modules/osd-create-cluster-red-hat-account.adoc[leveloffset=+1]
 
 * For information about Workload Identity Federation, see xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation].
 
-* For information about Private Service Connect (PSC), see xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc#private-service-connect-overview_osd-creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview].
+* For information about Private Service Connect (PSC), see xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc#creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview].
 * For information about configuring a proxy with {product-title}, see xref:../networking/configuring-cluster-wide-proxy.adoc#configuring-a-cluster-wide-proxy[Configuring a cluster-wide proxy].
 * For information about persistent storage for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#sdpolicy-storage_osd-service-definition[Storage] section in the {product-title} service definition.
 * For information about load balancers for {product-title}, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#load-balancers_osd-service-definition[Load balancers] section in the {product-title} service definition.
 * For more information about etcd encryption, see the xref:../osd_architecture/osd_policy/osd-service-definition.adoc#etcd-encryption_osd-service-definition[etcd encryption service definition].
 * For information about the end-of-life dates for {product-title} versions, see the xref:../osd_architecture/osd_policy/osd-life-cycle.adoc#osd-life-cycle[{product-title} update life cycle].
-* For general information on Cloud network address translation(NAT) that is required for cluster-wide proxy, see link:https://cloud.google.com/nat/docs/overview[Cloud NAT overview] in the Google documentation.
-* For general information on Cloud routers that are required for the cluster-wide proxy, see link:https://cloud.google.com/network-connectivity/docs/router/concepts/overview[Cloud Router overview] in the Google documentation.
-* For information on creating VPCs within your Google Cloud Provider account, see link:https://cloud.google.com/vpc/docs/create-modify-vpc-networks[Create and manage VPC networks] in the Google documentation.
+* For general information about Cloud network address translation(NAT) that is required for cluster-wide proxy, see link:https://cloud.google.com/nat/docs/overview[Cloud NAT overview] in the Google documentation.
+* For general information about Cloud routers that are required for the cluster-wide proxy, see link:https://cloud.google.com/network-connectivity/docs/router/concepts/overview[Cloud Router overview] in the Google documentation.
+* For information about creating VPCs within your Google Cloud Provider account, see link:https://cloud.google.com/vpc/docs/create-modify-vpc-networks[Create and manage VPC networks] in the Google documentation.
 * For information about configuring identity providers, see xref:../authentication/sd-configuring-identity-providers.adoc#sd-configuring-identity-providers[Configuring identity providers].
 * For information about revoking cluster privileges, see xref:../authentication/osd-revoking-cluster-privileges.adoc#osd-revoking-cluster-privileges[Revoking privileges and access to an {product-title} cluster].

osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc

@@ -1,21 +1,22 @@
 :_mod-docs-content-type: ASSEMBLY
-[id="osd-creating-a-gcp-psc"]
-= Creating a GCP Private Service Connect enabled private cluster
+[id="creating-a-gcp-psc-enabled-private-cluster"]
+= Private Service Connect overview
 include::_attributes/attributes-openshift-dedicated.adoc[]
 :context: osd-creating-a-gcp-psc-enabled-private-cluster
 
 toc::[]
 You can create a private {product-title} cluster on {GCP} using Google Cloud's security-enhanced networking feature Private Service Connect (PSC).
 
-include::modules/private-service-connect-overview.adoc[leveloffset=+1]
-
+include::modules/osd-understanding-private-service-connect.adoc[leveloffset=+1]
 include::modules/private-service-connect-prereqs.adoc[leveloffset=+1]
+include::modules/private-service-connect-psc-architecture.adoc[leveloffset=+1]
 
-include::modules/private-service-connect-create.adoc[leveloffset=+1]
 
+[id="next-steps-psc_{context}"]
+== Next steps
+* To learn more about {product-title} on {GCP} cluster prerequisites, see xref:../osd_planning/gcp-ccs.adoc#ccs-gcp-customer-requirements_gcp-ccs[Customer Requirements].
 
-[id="additional-resources_{context}"]
-== Additional resources
-For information on {product-title} on {GCP} cluster prerequisites, see xref:../osd_planning/gcp-ccs.adoc#ccs-gcp-customer-requirements_gcp-ccs[Customer Requirements].
+* To configure your firewalls, see xref:../osd_planning/gcp-ccs.adoc#osd-gcp-psc-firewall-prerequisites_gcp-ccs[GCP firewall prerequisites].
 
-For information about configuring your firewalls , see xref:../osd_planning/gcp-ccs.adoc#osd-gcp-psc-firewall-prerequisites_gcp-ccs[GCP firewall prerequisites].
+* To create an {product-title} on {GCP} using PSC with the Workload Identity Federation authentication type, see
+ xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-identity-federation.adoc#osd-creating-a-cluster-on-gcp-with-workload-identity-federation[Creating a cluster on GCP with Workload Identity Federation].

osd_whats_new/osd-whats-new.adoc

@@ -28,7 +28,7 @@ xref:../osd_install_access_delete_cluster/creating-a-gcp-cluster-with-workload-i
 +
 PSC is a capability of Google Cloud networking that enables private communication between services across different GCP projects or organizations. Implementing PSC as part of your network connectivity allows you to deploy OpenShift Dedicated clusters in a private and secured environment within GCP without using any public-facing cloud resources.
 +
-For more information, see xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc[Creating a GCP Private Service Connect enabled private cluster].
+For more information, see  xref:../osd_install_access_delete_cluster/creating-a-gcp-psc-enabled-private-cluster.adoc#creating-a-gcp-psc-enabled-private-cluster[Private Service Connect overview].
 
 [id="osd-q3-2024_{context}"]
 === Q3 2024