[TELCODOCS-2249]: Telco Hub RDS update for 420

modules/hub-cluster-ref-config-crs.adoc

@@ -6,4 +6,4 @@
 [id="hub-cluster-ref-config-crs_{context}"]
 = Hub cluster reference configuration CRs
 
-The following sections briefly describe each custom resource (CR) for the telco management hub reference configuration in 4.19.
+The following sections briefly describe each custom resource (CR) for the telco management hub reference configuration in 4.20.

modules/telco-hub-acm-observability.adoc

@@ -13,9 +13,9 @@ The below table uses inputs derived from the telco RAN DU RDS and the hub cluste
 
 [NOTE]
 ====
-The following numbers are estimated.
-Tune the values for more accurate results.
-Add an engineering margin, for example +20%, to the results to account for potential estimation inaccuracies.
+The following numbers are estimates. Tune the values for more accurate results. Add an engineering margin, for example +20%, to the results to account for potential estimation inaccuracies.
+
+Storage requirements strongly depend on the number of replicas per different components. The {rh-rhacm} `MultiClusterObservability` custom resource allows sizing configuration for the observability stack, which corresponds to the number of replicas. The following sizing values are based on the default size.
 ====
 
 .Cluster requirements
@@ -69,10 +69,11 @@ With these input values, the sizing calculator as described in the Red Hat Knowl
 .Storage requirements
 [options="header"]
 |====
-2+|`thanos rule` PV 2+|`thanos store` PV 2+|Object bucket^[1]^
+|`thanos rule` PV 2+|`thanos store` PV 2+|Object bucket
 
-|*Per replica* |*Total* |*Per replica* |*Total* |*Per day* |*Total*
+|*Per replica* |*Total* |*Per replica* |*Total* |*Total*
 
-|30 GiB |90 GiB |100 GiB |300 GiB |15 GiB |101 GiB
+|30 GiB |90 GiB |100 GiB |300 GiB |310 GiB
 |====
-[1] For the object bucket, it is assumed that downsampling is disabled, so that only raw data is calculated for storage requirements.
+
+* It is not possible to set the `Object bucket` size in the MCO custom resource with downsampling enabled. This option may be available in the future.

modules/telco-hub-assisted-service.adoc

@@ -4,18 +4,26 @@
 
 The Assisted Service is deployed with the multicluster engine and {rh-rhacm-first}.
 
+[NOTE]
+====
+The following numbers are estimated. Tune the values for more accurate results. Add an engineering margin, for example +20%, to the results to account for potential estimation inaccuracies.
+====
+
 .Assisted Service storage requirements
 [cols="1,2", options="header"]
 |====
 |Persistent volume resource
 |Size (GB)
 
 |`imageStorage`
-|50
+|30
 
 |`filesystemStorage`
-|700
+|709
 
 |`dataBaseStorage`
-|20
+|0.7
 |====
+
+* `imageStorage` and `filesystemStorage` are calculated as described in the link:https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/clusters/cluster_mce_overview#enable-cim[about enabling central infrastructure management] section of the `MultiClusterEngine` custom resource documentation.
+* `dataBaseStorage` is calculated only by empirical estimations based on different factors, such as the cluster topology, the number of events produced during the installation, and hardware and configuration characteristics. Each host will take less than 200KB.

modules/telco-hub-crs-advanced-cluster-management.adoc

@@ -12,18 +12,23 @@
 Component,Reference CR,Description,Optional
 {rh-rhacm},`acmAgentServiceConfig.yaml`,Creates a policy to manage copying data from an object bucket claim into a secret for Observability to connect to Thanos.,No
 {rh-rhacm},`acmMCE.yaml`,Defines the MultiCluster Engine configuration required by ACM.,No
-{rh-rhacm},`acmMCH.yaml`,"Configures a `MultiClusterHub` CR with high availability, enabling various components and specifying installation settings.",No
+{rh-rhacm},`acmMCH.yaml`,"Configures `MultiClusterHub` with high availability, enabling various components and specifying installation settings for Open Cluster Management.",No
 {rh-rhacm},`acmMirrorRegistryCM.yaml`,Defines the SSL certificates and mirror registry configuration for various Red Hat and {product-title} registries used by the `multicluster-engine` in the `multicluster-engine` namespace.,No
 {rh-rhacm},`acmNS.yaml`,Defines the `open-cluster-management` namespace with a label to enable cluster monitoring.,No
-{rh-rhacm},`acmOperGroup.yaml`,"Defines an OperatorGroup for the `open-cluster-management` namespace, targeting the same namespace.",No
+{rh-rhacm},`acmOperGroup.yaml`,"Defines `OperatorGroup` for the `open-cluster-management` namespace, targeting the same namespace.",No
 {rh-rhacm},`acmPerfSearch.yaml`,Configures search for Open Cluster Management by defining various parameters and API settings.,No
 {rh-rhacm},`acmProvisioning.yaml`,Configures a provisioning resource in the metal3.io/v1alpha1 API version to watch all namespaces.,No
 {rh-rhacm},`acmSubscription.yaml`,Subscribes to the {rh-rhacm} Operator using automatic install plan approval.,No
 {rh-rhacm},`observabilityMCO.yaml`,Configures `MultiClusterObservability` for managing observability and alerting across multiple clusters.,No
 {rh-rhacm},`observabilityNS.yaml`,Creates an `open-cluster-management-observability` namespace.,No
 {rh-rhacm},`observabilityOBC.yaml`,Creates an `ObjectBucketClaim` CR in the `open-cluster-management-observability` namespace.,No
-{rh-rhacm},`observabilitySecret.yaml`,Creates a Secret CR in the `open-cluster-management-observability` namespace for storing Docker configuration details.,No
-{rh-rhacm},`pull-secret-copy.yaml`,Creates a policy to copy the global pull secret into observability namespaces.,No
-{rh-rhacm},`thanosSecret.yaml`,Creates a policy to copy data from an object bucket claim into a secret for observability to connect to Thanos.,No
-{cgu-operator},`talmSubscription.yaml`,Creates a `Subscription` CR for {cgu-operator}.,No
+{rh-rhacm},`observabilitySecret.yaml`,Creates a `Secret` CR in the `open-cluster-management-observability` namespace for storing container configuration details.,No
+{rh-rhacm},`pullSecretMCSB.yaml`,Creates `ManagedClusterSetBinding` for the pull secret policy.,No
+{rh-rhacm},`pullSecretPlacementBinding.yaml`,Creates the `PlacementBinding` needed for the pull secret policy.,No
+{rh-rhacm},`pullSecretPlacement.yaml`,Creates the Placement against local cluster needed for the pull secret policy.,No
+{rh-rhacm},`pullSecretPolicy.yaml`,Creates a policy to copy the global pull secret into observability namespaces.,No
+{rh-rhacm},`thanosSecretPlacementBinding.yaml`,Creates the `PlacementBinding` needed for the Thanos secret policy.,No
+{rh-rhacm},`thanosSecretPlacement.yaml`,Creates the Placement against local cluster needed for the Thanos secret policy.,No
+{rh-rhacm},`thanosSecretPolicy.yaml`,Creates a policy to copy data from an object bucket claim into a secret for observability to connect to Thanos.,No
+{cgu-operator},`talmSubscription.yaml`,Creates a `Subscription` CR for TALM.,No
 |====

modules/telco-hub-crs-container-registry.adoc

@@ -16,7 +16,6 @@ Registry,`idms-release.yaml`,Defines an image digest `MirrorSet` CR for {product
 Registry,`image-config.yaml`,Defines an image configuration CR to manage image registries and policies.,No
 Registry,`itms-generic.yaml`,Defines an image tag `MirrorSet` CR for mirrored images in a disconnected registry.,No
 Registry,`itms-release.yaml`,Defines an image tag `MirrorSet` CR for {product-title} release images.,No
-Registry,`kustomization.yaml`,Defines a `Kustomization` manifest for registry-related CRs.,No
 Registry,`operator-hub.yaml`,Configures the `OperatorHub` CR for offline catalog sources.,No
 Registry,`registry-ca.yaml`,Defines a `ConfigMap` CR containing registry CA certificates.,No
 |====

modules/telco-hub-crs-gitops-ztp.adoc

@@ -6,25 +6,28 @@
 [id="gitops-ztp-crs_{context}"]
 = {ztp-first} reference CRs
 
-.[ztp] CRs
+.{ztp} CRs
 [cols="4*", options="header", format=csv]
 |====
 Component,Reference CR,Description,Optional
 GitOps Operator,`argocd-ssh-known-hosts-cm.yaml`,Defines a `ConfigMap` CR to store SSH known hosts used by ArgoCD in a disconnected environment.,No
+GitOps Operator,`addPluginsMCSB.yaml`,Defines `ManagedClusterSetBinding` for the policy used to patch the GitOps Operator.,No
+GitOps Operator,`addPluginsPolicyNS.yaml`,Namespace for the GitOps plugin policy.,No
+GitOps Operator,`addPluginsPolicyPlacementBinding.yaml`,Defines `PlacementBinding` for the GitOps plugin policy.,No
+GitOps Operator,`addPluginsPolicyPlacement.yaml`,Defines the Placement CR against local cluster for the GitOps plugin policy.,No
 GitOps Operator,`addPluginsPolicy.yaml`,Defines a policy to add ArgoCD custom plugins to the GitOps controller.,No
 GitOps Operator,`argocd-application.yaml`,Defines the ArgoCD Application for GitOps management.,No
 GitOps Operator,`argocd-tls-certs-cm.yaml`,Defines a `ConfigMap` CR for ArgoCD TLS certificate management.,No
 GitOps Operator,`clusterrole.yaml`,Defines the `ClusterRole` CR that grants permissions to the GitOps Operator.,No
 GitOps Operator,`clusterrolebinding.yaml`,Binds the `ClusterRole` CR to the ArgoCD controller `ServiceAccount` CR.,No
 GitOps Operator,`gitopsNS.yaml`,Defines an `openshift-gitops-operator` namespace with a label for cluster monitoring.,No
-GitOps Operator,`gitopsOperatorGroup.yaml`,Defines an OperatorGroup in the `openshift-gitops-operator` namespace with a default upgrade strategy.,No
+GitOps Operator,`gitopsOperatorGroup.yaml`,Defines an `OperatorGroup` in the `openshift-gitops-operator` namespace with a default upgrade strategy.,No
 GitOps Operator,`gitopsSubscription.yaml`,"Defines a subscription for the {product-title} GitOps Operator, specifying automatic install plan approval and source details.",No
 GitOps Operator,`ztp-repo.yaml`,Defines the Git repository for ZTP manifests and configurations.,No
 GitOps applications,`app-project.yaml`,Defines an ArgoCD `AppProject` CR specifying resource whitelists and destination rules for cluster and namespace resources.,No
 GitOps applications,`clusters-app.yaml`,Defines a namespace and an ArgoCD application for managing the deployment of cluster configurations from the specified Git repository.,No
-GitOps applications,`gitops-cluster-rolebinding.yaml`,Defines a `ClusterRoleBinding` CR that grants the `cluster-admin` role to the openshift-gitops-argocd-application-controller service account in the `openshift-gitops` namespace.,No
+GitOps applications,`gitops-cluster-rolebinding.yaml`,Defines a `ClusterRoleBinding` CR that grants the `cluster-admin` role to the `openshift-gitops-argocd-application-controller` service account in the `openshift-gitops` namespace.,No
 GitOps applications,`gitops-policy-rolebinding.yaml`,Binds the `cluster-manager-admin` cluster role to the ArgoCD application controller `ServiceAccount` CR.,No
-GitOps applications,`kustomization.yaml`,"Defines a Kustomization configuration for the {ztp} application installations, listing various YAML resources to be included.",No
 GitOps applications,`policies-app-project.yaml`,"Defines an Argo CD AppProject resource, specifying cluster and namespace resource whitelists and destinations.",No
-GitOps applications,`policies-app.yaml`,Defines the ArgoCD `Application` CR for policy management.,No
+GitOps applications,`policies-app.yaml`,Defines a namespace and an ArgoCD application for policy management.,No
 |====

modules/telco-hub-crs-image-mirroring.adoc

@@ -1,6 +1,6 @@
 // Module included in the following assemblies:
 //
-// * scalability_and_performance/telco-hub-rds.adoc
+// * scalability-and-performance/telco-hub-rds.adoc
 
 :_mod-docs-content-type: REFERENCE
 [id="image-mirroring-crs_{context}"]
@@ -10,5 +10,5 @@
 [cols="4*", options="header", format=csv]
 |====
 Component,Reference CR,Description,Optional
-Mirroring configuration CRs,`imageset-config.yaml`,"Defines an `ImageSetConfiguration` CR for mirroring {product-title} channels and Operator packages specific to versions and target catalogs.",No
+Mirroring configuration CRs,`imageset-config.yaml`,"Defines an `ImageSetConfiguration` CR for mirroring {product-title} channels and Operator packages, specifying versions and target catalogs.",No
 |====

modules/telco-hub-crs-installation.adoc

@@ -10,6 +10,6 @@
 [cols="4*", options="header", format=csv]
 |====
 Component,Reference CR,Description,Optional
-Agent-based install,`agent-config.yaml`,"Use this example template `AgentConfig` CR to configure the Agent-based installer, specifying network and device settings for your target hosts.",No
-Agent-based install,`install-config.yaml`,"Use this example `install-config.yaml` template to configure your hub cluster installation for networking, control plane, compute nodes, mirror registries, and other environment-specific settings.",No
+Agent-based install,`agent-config.yaml`,"Use this `agent-config.yaml` template to configure the Agent-based installer, specifying network and device settings for the hosts to be installed.",No
+Agent-based install,`install-config.yaml`,"Use this `install-config.yaml` template to configure the hub cluster installation, including networking, control plane, compute nodes, and mirror registries.",No
 |====

modules/telco-hub-crs-storage.adoc

@@ -18,5 +18,5 @@ Local Storage Operator,`lsoSubscription.yaml`,Defines a `Subscription` CR for th
 {rh-storage},`odfOperatorGroup.yaml`,Defines an `OperatorGroup` for the `openshift-storage` namespace.,Yes
 {rh-storage},`odfReady.yaml`,Defines a resource to verify readiness of the ODF deployment.,Yes
 {rh-storage},`odfSubscription.yaml`,"Configures an {product-title} subscription to the {rh-storage} Operator, specifying installation details such as the Operator's name, namespace, channel, and approval strategy.",Yes
-{rh-storage},`storageCluster.yaml`,"Defines a `StorageCluster` CR with specific resource requests and limits, storage device sets, and annotations for Argo CD synchronization.",No
+{rh-storage},`storageCluster.yaml`,"Defines a `StorageCluster` CR with specific resource requests and limits, and storage device sets.,No
 |====

modules/telco-hub-managed-cluster-deployment.adoc

@@ -11,7 +11,8 @@ The `ClusterInstance` CR can be used to initiate cluster installation by using e
 
 Limits and requirements::
 * The SiteConfig ArgoCD plugin which handles `SiteConfig` CRs is deprecated from {product-title} 4.18.
-
+* Cluster deployment requires an HTTP server hosting root filesystem and release specific {op-system} live ISO images. Each ISO image for each OpenShift release to be deployed must be reachable by the hub cluster and each deployed spoke cluster. Only include ISO images which exist on the HTTP server in the `AgentServiceConfig` CR.
+* A container registry hosting all OpenShift and day-2 {olm-first} operator images reachable from all deployed spoke clusters. The hub configuration includes Kustomize overlays. Use them to provide the TLS certificates and credentials for a disconnected container registry.
 
 Engineering considerations::
 * You must create a `Secret` CR with the login information for the cluster baseboard management controller (BMC).

modules/telco-hub-networking.adoc

@@ -32,7 +32,8 @@ For the above networking configurations, some values are required, or can be aut
 ** Managed cluster access to hub cluster API service, ingress IP and control plane node IP addresses.
 ** Managed cluster BMC access to hub cluster control plane node IP addresses.
 * An image registry must be accessible throughout the lifetime of the hub cluster.
-** All required container images must be mirrored to the disconnected registry.
+** All required container images must be mirrored to the disconnected registry. All OpenShift releases and {olm} Operator release images needed in your deployment must be mirrored to the registry. Find an example of mirroring configuration in the reference as `imageset-config.yaml`, which must be updated to include your required versions. Only `ClusterImageSet` custom resources that reference mirrored versions support cluster deployment.
+
 ** The hub cluster must be configured to use a disconnected registry.
 ** The hub cluster cannot host its own image registry.
 For example, the registry must be available in a scenario where a power failure affects all cluster nodes.

modules/telco-hub-observability.adoc

@@ -7,7 +7,6 @@ To balance performance and data analysis, the monitoring service maintains a sub
 The metrics can be accessed on the hub through a set of different preconfigured dashboards.
 
 Observability installation::
-The primary CR to enable and configure the Observability service is the `MulticlusterObservability` CR, which defines the following settings:
 The primary custom resource (CR) to enable and configure the observability service is the `MulticlusterObservability` CR, which defines the following settings:
 
 * Configurable retention settings.

modules/telco-hub-rds-container.adoc

@@ -31,7 +31,7 @@ $ mkdir -p ./out
 +
 [source,terminal]
 ----
-$ podman run -it registry.redhat.io/openshift4/openshift-telco-hub-rds-rhel9:v4.19 | base64 -d | tar xv -C out
+$ podman run -it registry.redhat.io/openshift4/openshift-telco-hub-rds-rhel9:v4.20 | base64 -d | tar xv -C out
 ----
 
 .Verification

modules/telco-hub-software-stack.adoc

@@ -7,36 +7,36 @@
 [id="telco-hub-software-stack_{context}"]
 = Telco hub reference configuration software specifications
 
-The telco hub 4.19 solution has been validated using the following Red{nbsp}Hat software products for {product-title} clusters.
+The telco hub 4.20 solution has been validated using the following Red{nbsp}Hat software products for {product-title} clusters.
 
 .Telco hub cluster validated software components
 [cols=2*, width="80%", options="header"]
 |====
 |Component |Software version
 
 |{product-title}
-|4.19
+|4.20
+
+|{rh-rhacm-first}
+|2.15
 
 |Local Storage Operator
-|4.19
+|4.20
 
 |{odf-first}
-|4.18
-
-|{rh-rhacm-first}
-|2.13
+|4.20
 
 |{gitops-title}
-|1.16
+|1.18
 
 |{ztp-first} plugins
-|4.19
+|4.20
 
 |{mce-short} PolicyGenerator plugin
-|2.13
+|2.10
 
 |{cgu-operator-first}
-|4.19
+|4.20
 
 |Cluster Logging Operator
 |6.2

modules/telco-hub-storage-considerations.adoc

@@ -13,6 +13,7 @@ The hub cluster reference configuration provides storage through {rh-storage-fir
 
 Engineering considerations::
 * Use SSD or NVMe disks with low latency and high throughput for etcd storage.
+* To use {rh-storage}, ensure that storage disks are clean, especially before reinstallation. See Additional resources for more details.
 * The storage solution for telco hub clusters is {rh-storage}.
 ** Local Storage Operator supports the storage class used by {rh-storage} to provide block, file, and object storage as needed by other components on the hub cluster.
 * The Local Storage Operator `LocalVolume` configuration includes setting `forceWipeDevicesAndDestroyAllData: true` to support the reinstallation of hub cluster nodes where {rh-storage} has previously been used.

scalability_and_performance/telco-hub-rds.adoc

@@ -90,6 +90,7 @@ include::modules/telco-hub-storage-considerations.adoc[leveloffset=+2]
 [role="_additional-resources"]
 .Additional resources
 
+* link:https://access.redhat.com/solutions/7114870[ODF disks cleaning procedure]
 * xref:../storage/understanding-persistent-storage.adoc#persistent-storage-overview_understanding-persistent-storage[Persistent storage overview]
 * link:https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/latest/html/red_hat_openshift_data_foundation_architecture/index[{rh-storage} architecture]
 * xref:../storage/persistent_storage_local/persistent-storage-local.adoc#persistent-storage-using-local-volume[Persistent storage using local volumes]