openshift
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎_attributes/attributes-openshift-dedicated.adoc‎
Lines changed: 1 addition & 0 deletions b/‎_attributes/attributes-openshift-dedicated.adoc‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎_topic_maps/_topic_map_rosa_hcp.yml‎
Lines changed: 3 additions & 0 deletions b/‎_topic_maps/_topic_map_rosa_hcp.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎modules/rosa-hcp-upgrade-options.adoc‎
Lines changed: 10 additions & 4 deletions b/‎modules/rosa-hcp-upgrade-options.adoc‎
Lines changed: 10 additions & 4 deletions
diff --git a/‎modules/rosa-hcp-upgrading-autonode-clusters.adoc‎
Lines changed: 24 additions & 0 deletions b/‎modules/rosa-hcp-upgrading-autonode-clusters.adoc‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎modules/rosa-nodes-autonode-about.adoc‎
Lines changed: 12 additions & 0 deletions b/‎modules/rosa-nodes-autonode-about.adoc‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎modules/rosa-nodes-autonode-managing-create-nodepool.adoc‎
Lines changed: 74 additions & 0 deletions b/‎modules/rosa-nodes-autonode-managing-create-nodepool.adoc‎
Lines changed: 74 additions & 0 deletions
diff --git a/‎modules/rosa-nodes-autonode-managing-enable-cli.adoc‎
Lines changed: 103 additions & 0 deletions b/‎modules/rosa-nodes-autonode-managing-enable-cli.adoc‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎modules/rosa-nodes-autonode-managing-enable-ui.adoc‎
Lines changed: 77 additions & 0 deletions b/‎modules/rosa-nodes-autonode-managing-enable-ui.adoc‎
Lines changed: 77 additions & 0 deletions
@@ -20,3 +20,5 @@ commercial_package
 !.vale/templates
 !.vale/config/vocabularies
 
+# Agent workspace
+.agent_workspace/
@@ -35,6 +35,7 @@
 :sts-short: STS
 :insights-operator: Insights Operator
 :red-hat-lightspeed: Red{nbsp}Hat Lightspeed
+:autonode: Red{nbsp}Hat build of Karpenter
 //logging
 :logging-title: logging for Red Hat OpenShift
 :logging-title-uc: Logging for Red Hat OpenShift
 
@@ -458,6 +458,7 @@ Topics:
   File: rosa-cluster-autoscaling-hcp
 - Name: Managing compute nodes using machine pools
   Dir: rosa_nodes
+  Distro: openshift-rosa-hcp
   Topics:
   - Name: About machine pools
     File: rosa-nodes-machinepools-about
@@ -470,6 +471,8 @@ Topics:
     File: rosa-nodes-about-autoscaling-nodes
   - Name: Configuring cluster memory to meet container memory and risk requirements
     File: nodes-cluster-resource-configure
+- Name: Managing compute nodes using Red Hat build of Karpenter
+  File: rosa-nodes-managing-karpenter
 - Name: Configuring PID limits
   File: rosa-configuring-pid-limits
 - Name: Managing multi-architecture clusters
 
@@ -1,17 +1,23 @@
+// Module included in the following assemblies:
+//
+// * upgrading/rosa-hcp-upgrading.adoc
+
 :_mod-docs-content-type: CONCEPT
 [id="rosa-upgrade-options_{context}"]
-= Update options for {product-title} clusters
+= Update options for {product-title} clusters configured with {autonode}
 
 [role="_abstract"]
-You can control the impact of updates to your workload by controlling which parts of the cluster are updated, for example:
+You can control the impact of updates to your workload by controlling which parts of the cluster are updated. 
 
-Update only the hosted control plane:: This initiates update of the hosted control plane. It does not impact your worker nodes.
+Update only the hosted control plane:: This initiates update of the hosted control plane. When the cluster is not configured with {autonode}, it does not impact your worker nodes. When the cluster is configured with {autonode}, worker nodes that are part of the default `EC2NodeClass` resource managed by Karpenter are updated along with the {hcp}.
 
 Update nodes in a machine pool:: {product-title} machine pool updates are designed to fully replace each node in a machine pool during the update process. This provides additional security and stability benefits over performing an in-place update. Updating the nodes in a machine pool initiates a rolling replacement of nodes in the specified machine pool, and temporarily impacts the worker nodes on that machine pool. You can also update multiple machine pools concurrently.
 
+Update nodes in a Karpenter-managed `EC2NodeClass`:: When {autonode} is enabled, `OpenshiftEC2NodeClass` resource created in the cluster can be upgraded.  
+
 [IMPORTANT]
 ====
-You cannot update the hosted control plane at the same time as any machine pool update. You will need to update the hosted control plane first, and then update machine pools.
+You cannot update the hosted control plane at the same time as any machine pool update. You must update the hosted control plane first, and then update machine pools.
 ====
 
 [IMPORTANT]
 
@@ -0,0 +1,24 @@
+// Module included in the following assemblies:
+//
+// * upgrading/rosa-hcp-upgrading.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="rosa-nodes-autonode-upgrading-autonode_{context}"]
+= Understanding upgrades for {product-title} clusters configured with {autonode}
+
+[role="_abstract"]
+You can upgrade clusters that are configured with {autonode}. 
+
+[id="rosa-nodes-autonode-upgrading-autonode-openshiftec2nodeclass_{context}"]
+*Default `OpenshiftEC2NodeClass`*
+
+When you enable {autonode}, a default `OpenshiftEC2NodeClass` resource is created with the same version as that of the hosted control plane. All node pools that reference the default `EC2NodeClass` are automatically upgraded as part of the hosted control plane upgrade.
+
+[id="rosa-nodes-autonode-upgrading-autonode-secondary-openshiftec2nodeclass_{context}"]
+*Optional `OpenshiftEC2NodeClass`*
+
+Upgrade behavior depends on whether or not the `OpenshiftEC2NodeClass` is pinned to a version by using the `spec.version` field.  
+
+Unpinned `OpenshiftEC2NodeClass`:: By default, `OpenshiftEC2NodeClass` resources have the same version of the hosted control plane. When the hosted control plane is upgraded, unpinned `OpenshiftEC2NodeClass` resources are automatically upgraded.  
+
+Pinned `OpenshiftEC2NodeClass`:: In the `OpenshiftEC2NodeClass` resource, you can specify a valid {ocp-short} version in `spec.version`. Specifying this version pins the cluster's node pools to a specific version. Any pinned `OpenshiftEC2NodeClass` resources are not upgraded as part of the hosted control plane upgrade. You can update the `spec.version` of pinned `OpenshiftEC2NodeClass` resources to a valid version. Updating this `spec.version` field initiates the upgrade of all of the node pools that reference its corresponding `OpenshiftEC2NodeClass` resource. 
@@ -0,0 +1,12 @@
+// Module included in the following assemblies:
+//
+// * rosa_cluster_admin/rosa-nodes-managing-karpenter.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="rosa-nodes-autonode-about_{context}"]
+= About {autonode}
+
+[role="_abstract"]
+{autonode} builds on the open source Karpenter project and provides automatic node provisioning for {product-title} clusters. Karpenter watches for pods that the Kubernetes scheduler marks as unschedulable and evaluates their scheduling constraints, including resource requests, node selectors, affinities, tolerations, and topology spread constraints. Karpenter then provisions nodes that meet the specific requirements of those waiting pods.
+
+Karpenter improves cluster efficiency by provisioning nodes that match workload requirements instead of requiring pre-configured node pools. When nodes are no longer needed, Karpenter removes them to reduce costs. For more information about Karpenter capabilities and architecture, see _Karpenter project documentation_ in the Additional resources.
@@ -0,0 +1,74 @@
+// Module included in the following assemblies:
+//
+// * rosa_cluster_admin/rosa-nodes-managing-karpenter.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="rosa-nodes-autonode-managing-nodepool_{context}"]
+= Create a node pool
+
+[role="_abstract"]
+Create a node pool to define the compute capacity that {autonode} can provision.
+
+.Procedure
+
+. Create a node pool manifest:
++
+[source,terminal]
+----
+$ cat > nodepool.yaml <<'EOF'
+apiVersion: karpenter.sh/v1
+kind: NodePool
+metadata:
+  name: default-np
+spec:
+  template:
+    metadata:
+      labels:
+        autonode: "true"
+    spec:
+      requirements:
+      - key: node.kubernetes.io/instance-type
+        operator: In
+        values:
+        - c5.xlarge
+      - key: karpenter.sh/capacity-type
+        operator: In
+        values: ["on-demand"]
+      nodeClassRef:
+        group: karpenter.k8s.aws
+        kind: EC2NodeClass
+        name: default
+EOF
+----
+where:
+`nodeClassRef.kind`::
+Required field that must use the `EC2NodeClass` type.
+`spec.labels`::
+Optional field that you can use to place pods by using labels.
++
+[NOTE]
+====
+For a list of all requirements available under `spec.requirements`, see the _Additional resources_.
+====
+
+. Apply the node pool:
++
+[source,terminal]
+----
+$ oc apply -f nodepool.yaml
+----
+
+. Verify the node pool is ready:
++
+[source,terminal]
+----
+$ oc get nodepool
+----
++
+*Example output*
++
+[source,terminal]
+----
+NAME         NODECLASS   NODES   READY   AGE
+default-np   default     0       True    3s
+----
@@ -0,0 +1,103 @@
+// Module included in the following assemblies:
+//
+// * rosa_cluster_admin/rosa-nodes-managing-karpenter.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="rosa-nodes-autonode-managing-enable-cli_{context}"]
+= Enable {autonode} using {rosa-cli}
+
+[role="_abstract"]
+Enable {autonode} on your cluster by using {rosa-cli-first} after it finishes installing.
+
+.Procedure
+
+. Export your cluster name and ID to environment variables:
++
+[source,terminal,subs="+quotes"]
+----
+$ export CLUSTER_NAME=<cluster_name>
+$ export CLUSTER_ID=$(rosa describe cluster -c "$CLUSTER_NAME" -o json | jq -r '.id')
+$ echo $CLUSTER_NAME $CLUSTER_ID
+----
+
+. Wait for the cluster to become ready:
++
+[source,terminal]
+----
+$ rosa describe cluster -c $CLUSTER_ID | grep -i State
+----
++
+*Example output*
++
+[source,terminal]
+----
+State:                      ready
+----
+
+. Ensure that your {autonode} IAM role is correctly set:
++
+[source,terminal]
+----
+$ ROLE_ARN=$(aws iam get-role --role-name rosa-karpenter-controller-role-${CLUSTER_NAME} --query 'Role.Arn' --output text)
+----
+
+. Enable {autonode}:
++
+[source,terminal]
+----
+$ rosa edit cluster -c $CLUSTER_ID \
+  --autonode=enabled \
+  --autonode-iam-role-arn=$ROLE_ARN
+----
+
+. If you do not already have cluster admin access, create a cluster admin user:
++
+[source,terminal]
+----
+$ rosa create admin -c $CLUSTER_ID
+----
+
+. Log in to the cluster using the credentials from the previous command:
++
+[source,terminal]
+----
+$ oc login <api_url> --username cluster-admin --password <password>
+----
+
+. Verify that the {autonode} custom resource definitions (CRDs) are present:
++
+[source,terminal]
+----
+$ oc get ec2nodeclass
+----
++
+[NOTE]
+====
+The node pool manifest uses the `EC2NodeClass` resource.
+====
++
+*Example output*
++
+[source,terminal]
+----
+NAME      READY   AGE
+default   True    5m
+----
++
+[source,terminal]
+----
+$ oc get openshiftec2nodeclass
+----
++
+[NOTE]
+====
+The `OpenShiftEC2NodeClass` resource is Red{nbsp}Hat's wrapper to communicate with the `EC2NodeClass` resource.
+====
++
+*Example output*
++
+[source,terminal]
+----
+NAME      READY
+default   True
+----
@@ -0,0 +1,77 @@
+// Module included in the following assemblies:
+//
+// * rosa_cluster_admin/rosa-nodes-managing-karpenter.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="rosa-nodes-autonode-managing-enable-ui_{context}"]
+= Enable {autonode} using {cluster-manager}
+
+[role="_abstract"]
+Enable {autonode} on your cluster by using {cluster-manager} after it finishes installing.
+
+.Prerequisites
+* You have created a {product-title} cluster, version 4.22.0 or later.
+* You have created an AWS Identity and Access Management (IAM) role to be configured for {autonode}.
+* You have your cluster's Open ID Connect (OIDC) Endpoint URL.
++ 
+[NOTE]
+====
+Run `rosa describe cluster -c $CLUSTER_NAME | grep "OIDC Endpoint URL"` to see this URL. Do not include the `https://` prefix from the OIDC Endpoint URL. For example, use  `example-oidc-endpoint.cloudfront.net/abcd1234examplehash5678` instead of `https://example-oidc-endpoint.cloudfront.net/abcd1234examplehash5678`.
+====
+* You have the proper credentials to access the AWS console.
+
+
+.Procedure
+
+. Export your AWS ID:
++
+[source,terminal]
+----
+$ export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
+----
+
+. Log in to the link:https://console.aws.amazon.com/[AWS console]. 
+. In the AWS console, navigate to **IAM > Roles**.
+. On your {autonode} Amazon Resource Name (ARN), update the trust policy to include the following policy specifications:
++
+[NOTE]
+====
+To access this ARN, run:
+
+[source,terminal]
+----
+$ echo $ROLE_ARN
+----
+====
++
+[source,json]
+----
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "Federated": "arn:aws:iam::<aws_account_id>:oidc-provider/<oidc-endpoint-url>"
+            },
+            "Action": "sts:AssumeRoleWithWebIdentity",
+            "Condition": {
+                "StringEquals": {
+                    "<oidc-endpoint-url>:sub": "system:serviceaccount:kube-system:karpenter"
+                }
+            }
+        }
+    ]
+}
+----
+where:
+<aws_account_id>::
+Specifies your AWS Account ID. 
+<oidc-endpoint-url>::
+Specifies the OIDC endpoint URL that you acquired.
+
+. In {cluster-manager-url}, select your cluster from the cluster list.
+. On the cluster details screen, select the *Edit* button next to the status for {autonode}. 
+. On the *Edit Autonode settings* dialog box, toggle *Enable Autonode*.
+. Add your {autonode} IAM role ARN to the field in this dialog box.
+. Select *Save* to save your configurations and close the *Edit Autonode settings* box.