OpenShift Cluster Install Config Generator

0. Choose your installation approach

Use this guide to decide the best OpenShift installation path before filling full cluster details.

OpenShift installation flow (reference)

OpenShift installation flow

Start from which infrastructure you have and how you want to install; then narrow to IPI/UPI, agent-based or assisted, and whether you are disconnected.

Which infra?

Cloud Orchestrated (e.g. ROSA, OSD on AWS/Azure/GCP) or bring-your-own cloud.

On-prem Bare metal or virtualized (VMware, Nutanix, KVM, Hyper-V).

How?

Assisted (e.g. console.redhat.com, no dedicated bootstrap), local/agent-based, full control (UPI), or installer-provisioned (IPI).

Disconnected installs use a mirror registry (no direct internet from the cluster).

UPI

User-provisioned: you provide hardware or VMs (physical or virtual). You manage networking, DNS, load balancers, and node lifecycle.

IPI

Installer-provisioned: installer creates machines on supported cloud or virtualization (with credentials and permissions). Needs access to the virtual environment.

Supporting hosts (typical)

Bastion / jump host — Linux VM or bare metal; often same L2/L3 network as cluster nodes.
Bootstrap — temporary node for some flows (not required for all assisted/agent paths).

IPI install-config (examples)

Environment, control plane and worker counts, cluster and service networks.
VMware: vCenter user, datastore, cluster, port group.

Environment Provisioning model Prefer Agent-based installation Connectivity

1. Installation profile

Platform

Installation method

Cluster name

Base domain

Enable FIPS

Disconnected installation (use internal registry mirrors)

Mirror registry host (optional)

Mirror repository prefix (optional)

Generate oc-mirror operator config

2. Cluster basics

OpenShift minor (channel)

Architecture

OpenShift version (z-stream) Enter version manually

Machine network CIDR

Cluster network CIDR

Cluster host prefix

Service network CIDR

Pull secret (JSON, from Red Hat console)

Sensitive value: you can add or update this later in generated install-config.yaml.

SSH public key

Sensitive value: you can add or update this later in generated install-config.yaml.

Pre-requisites execution planner

Use this page to sketch concrete DNS, VIP, and firewall values for your environment. Examples are dummy values — replace them with your own.

Scenario

Cluster name

Base domain

Production: example values

DNS records

Example values

Name	Type	Value	Purpose
api.ocp4.lab.example.com	A	192.168.50.5	API VIP (port 6443)
api-int.ocp4.lab.example.com	A	192.168.50.5	Internal API / machine config (22623)
*.apps.ocp4.lab.example.com	Wildcard	192.168.50.6	Ingress VIP (80/443)
master-0.ocp4.lab.example.com	A	192.168.50.10	Control plane node 1
master-1.ocp4.lab.example.com	A	192.168.50.11	Control plane node 2
master-2.ocp4.lab.example.com	A	192.168.50.12	Control plane node 3
worker-0.ocp4.lab.example.com	A	192.168.50.20	Worker node 1
worker-1.ocp4.lab.example.com	A	192.168.50.21	Worker node 2

Load balancer backend mapping

LB FQDN	VIP	Ports	Backends (example nodes)
api.ocp4.lab.example.com	192.168.50.5	6443	master-0, master-1, master-2
api-int.ocp4.lab.example.com	192.168.50.5	22623	master-0, master-1, master-2
*.apps.ocp4.lab.example.com	192.168.50.6	80, 443	worker-0, worker-1

Firewall ports (summary)

Source	Destination	Port/Protocol	Reason
Admins / automation	api.ocp4.lab.example.com	6443/TCP	Kubernetes API access
Cluster nodes	api-int.ocp4.lab.example.com	22623/TCP	Machine config server
Users / browsers	*.apps.ocp4.lab.example.com	80,443/TCP	App and console ingress

Lab / PoC: example values

In a lab, the bastion VM often provides DNS, NTP, HTTPD, proxy, and HAProxy VIPs. These examples assume a single vSphere or KVM environment.

DNS records

Example values

Name	Type	Value	Purpose
api.ocp4.lab.example.com	A	192.168.50.5	API VIP on bastion HAProxy
api-int.ocp4.lab.example.com	A	192.168.50.5	Internal API / machine config
*.apps.ocp4.lab.example.com	Wildcard	192.168.50.6	Ingress VIP on bastion HAProxy
master-0.ocp4.lab.example.com	A	192.168.50.10	Control plane node 1
master-1.ocp4.lab.example.com	A	192.168.50.11	Control plane node 2
master-2.ocp4.lab.example.com	A	192.168.50.12	Control plane node 3
worker-0.ocp4.lab.example.com	A	192.168.50.20	Worker node 1
worker-1.ocp4.lab.example.com	A	192.168.50.21	Worker node 2

VIPs on bastion HAProxy

LB FQDN	VIP	Ports	Backends (example nodes)
api.ocp4.lab.example.com	192.168.50.5	6443	master-0, master-1, master-2
api-int.ocp4.lab.example.com	192.168.50.5	22623	master-0, master-1, master-2
*.apps.ocp4.lab.example.com	192.168.50.6	80, 443	worker-0, worker-1

Firewall ports (summary)

Source	Destination	Port/Protocol	Reason
Bastion / admin host	api.ocp4.lab.example.com	6443/TCP	Install and `oc` API connectivity
Nodes	api-int.ocp4.lab.example.com	22623/TCP	Machine config during bootstrapping
Workstation users	*.apps.ocp4.lab.example.com	80,443/TCP	Console and application ingress

These examples are for learning labs only. For supported configurations and full port lists, always refer to the official OpenShift installation and firewall documentation.

3. Platform configuration

Enter only the fields for your selected platform.

4. Hosts (masters/workers)

For a compact cluster, define three master hosts and zero workers.

Hostname	Role	IP	MAC	Primary NIC	Bond?	Secondary NIC	Secondary MAC	Static IP?	Gateway	DNS servers (comma)

Rendezvous IP

Required for agent-based installs. Optional for UPI/IPI.

5. Review and generate

Compact cluster, bare metal / agent-based

6. Generated YAML

install-config.yaml

agent-config.yaml

oc-mirror ImageSetConfiguration (operators)

6. What to do next

After generating YAML:

Save install-config.yaml and (if present) agent-config.yaml to a working directory.
For disconnected installs, use imageContentSources, additionalTrustBundle, and operator-mirror-config.yaml with oc-mirror / oc adm release mirror to mirror content to your internal registry.
Run openshift-install agent create image --dir . in that directory to create a discovery ISO.
Boot your nodes from the ISO and monitor the installation until the cluster is ready.

6. Commands to run

Copy these commands and run them on your jump host / workstation as indicated.

OpenShift Cluster Install Config Generator

0. Choose your installation approach

OpenShift installation flow

Which infra?

How?

UPI

IPI

Supporting hosts (typical)

IPI install-config (examples)

Prerequisites planner (before you install)

Production-like environment

Lab / PoC on a single virtualization platform

1. Installation profile

2. Cluster basics

Pre-requisites execution planner

Production: example values

DNS records

Load balancer backend mapping

Firewall ports (summary)

Lab / PoC: example values

DNS records

VIPs on bastion HAProxy

Firewall ports (summary)

3. Platform configuration

On-premises configuration

vSphere configuration

Nutanix configuration

Cloud configuration

AWS configuration

Azure configuration

4. Hosts (masters/workers)

5. Review and generate

6. Generated YAML

install-config.yaml

agent-config.yaml

oc-mirror ImageSetConfiguration (operators)

6. What to do next

6. Commands to run