OSDOCS-13576: Added info on rosa create network command

EricPonvelle · EricPonvelle · commit 63bada5a68fb · 2025-04-10T16:36:13.000-04:00
diff --git a/modules/rosa-hcp-create-network.adoc b/modules/rosa-hcp-create-network.adoc
@@ -0,0 +1,100 @@
+// Module included in the following assemblies:
+//
+// * rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc
+
+ifeval::["{context}" == "rosa-hcp-egress-lockdown-install"]
+:egress-lockdown-rosa:
+endif::[]
+
+:_mod-docs-content-type: PROCEDURE
+[id="rosa-hcp-create-network_{context}"]
+= Creating a Virtual Private Cloud using the ROSA CLI
+
+The `rosa create network` command is available in v.1.2.48 or later of the ROSA CLI. This command uses AWS CloudFormation to create a VPC and other networking components used to install a ROSA cluster. CloudFormation is a native AWS infrastructure-as-code tool, compatible with the AWS CLI. For more information on AWS CloudFormation, see the additional resources.
+
+If you do not specify a template, CloudFormation uses a default template that creates the following parameters:
+
+[cols="2a,3a",options="header"]
+|===
+|VPC parameter
+|Value
+
+| Availability Zones
+| 1
+
+| Region 
+| `us-east-1`
+  
+| VPC CIDR 
+| `10.0.0.0/16` 
+|===
+
+You can create and customize CloudFormation templates can also be used with the command. See the additional resources for information on the Default VPC template.
+
+.Prerequisites
+
+* You have configured your AWS account
+* You have configured your Red Hat accounts
+* You have installed and configured the ROSA CLI to the latest version
+
+.Procedure
+. Use the following command to create an AWS VPC using the default CloudFormations template:
++
+[source,terminal]
+----
+$ rosa create network
+----
+
+. Optional: If you want to modify a parameter, you can specify `--param Param1=Value1`, `--param Param2=Value2`, and so on. For example, if you wanted to modify the region, name, AZ count, and VPC's CIDR parameters, you could run:
++
+[source,terminal]
+----
+$ rosa create network --param Region=us-west-2 --param Name=quickstart-stack --param AvailabilityZoneCount=1 --param VpcCidr=10.0.0.0/16
+----
+
+. The full list of parameters available in the default template.
++
+.Example template
++
+[source,yaml]
+----
+Parameters:
+  AvailabilityZoneCount:
+    Type: Number
+    Description: "Number of Availability Zones to use"
+    Default: 1
+    MinValue: 1
+    MaxValue: 3
+  Region:
+    Type: String
+    Description: "AWS Region"
+    Default: "us-west-2"
+  Name:
+    Type: String
+    Description: "Name prefix for resources"
+  VpcCidr:
+    Type: String
+    Description: CIDR block for the VPC
+    Default: '10.0.0.0/16'
+----
++
+The command takes about 5 minutes to run, providing regular status updates from AWS as resources are created. If there is an issue with CloudFormation, a rollback will be attempted. If any other issues are encountered, please follow the error message instructions or contact AWS support.
++
+[NOTE]
+====
+Save the subnet IDs that are created as a result of this command since these subnets are needed when creating the cluster. Replace `$SUBNET_IDS` in the `rosa cluster create` command below with these values in a comma-separated list.
+
+During the cluster creation, you can select your create network stack with the following step:
+
+[source,terminal]
+----
+? Additional 'Compute' Security Group IDs (optional): sg-0d1fba92a71d6cc6d ('rosa-network-stack-269733383066-SecurityGroup-zD8qkxnh6wwL')
+----
+====
+
+. To delete the Cloudformation stack that was created, run the following command:
++
+[source,terminal]
+----
+$ aws cloudformation delete-stack --stack-name [Name] 
+----
diff --git a/modules/rosa-hcp-custom-create-network.adoc b/modules/rosa-hcp-custom-create-network.adoc
@@ -0,0 +1,25 @@
+// Module included in the following assemblies:
+//
+// * rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc
+
+:_mod-docs-content-type: PROCEDURE
+[id="rosa-hcp-custom-create-network_{context}"]
+= Configuring and using custom CloudFormation templates
+
+You can use a custom CloudFormation template by specifying a new directory with `--template-dir`, and then specifying a template name when you use `rosa create network`. You can also simply use the aws cloudformations command directly when using custom CloudFormation templates.
+
+.Procedure
+
+* Run the following command to use a CloudFormation template stored locally at `/rosa/templates/customtemplatename/cloudformation.yaml`:
++
+[source,terminal]
+----
+$ rosa create network customtemplatename --template-dir='/rosa/templates'
+----
++
+[NOTE]
+====
+The default directory is `/cmd/create/network/templates/rosa/`.
+
+As with any VPC used for ROSA, the VPC created by this method is not managed by ROSA, and ROSA is not aware of its dependency on this VPC. If you manipulate the VPC while a ROSA cluster is running within it, you could introduce risk to the cluster.
+====
diff --git a/rosa_hcp/rosa-hcp-creating-cluster-with-aws-kms-key.adoc b/rosa_hcp/rosa-hcp-creating-cluster-with-aws-kms-key.adoc
@@ -22,10 +22,11 @@ To create a {hcp-title} cluster, you must have the following items:
 * Operator roles
 
 [id="rosa-hcp-creating-cluster-with-aws-kms-key-creating-vpc"]
-=== Creating a Virtual Private Cloud for your {hcp-title} clusters
+== Creating a Virtual Private Cloud for your {hcp-title} clusters
 
-You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You can use the following methods to create a VPC: 
+You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You can use the following methods to create a VPC:
 
+* Create a VPC using the ROSA CLI
 * Create a VPC by using a Terraform template
 * Manually create the VPC resources in the AWS console
 
@@ -34,24 +35,53 @@ You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You c
 The Terraform instructions are for testing and demonstration purposes. Your own installation requires some modifications to the VPC for your own use. You should also ensure that when you use this Terraform script it is in the same region that you intend to install your cluster. In these examples, use `us-east-2`.
 ====
 
-include::snippets/imp-rosa-hcp-no-shared-vpc-support.adoc[leveloffset=+0]
+[discrete]
+include::modules/rosa-hcp-create-network.adoc[leveloffset=+3]
+[discrete]
+include::modules/rosa-hcp-custom-create-network.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-create-network-kms-key"]
+.Additional resources
+
+* See the link:https://aws.amazon.com/cloudformation/[AWS CloudFormation] for more information about structuring CloudFormation files to create VPCs.
+* See this link:https://github.com/openshift/rosa/blob/master/cmd/create/network/templates/rosa-quickstart-default-vpc/cloudformation.yaml[default VPC AWS CloudFormation template] for more information.
 
 [discrete]
 include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=+3]
 
 [role="_additional-resources"]
+[id="additional-resources_rosa-hcp-vpc-terraform-kms-key"]
 .Additional resources
 
 * See the link:https://github.com/openshift-cs/terraform-vpc-example[Terraform VPC] repository for a detailed list of all options available when customizing the VPC for your needs.
 
 [discrete]
-include::modules/rosa-hcp-vpc-manual.adoc[leveloffset=+3]
+include::modules/rosa-hcp-vpc-manual.adoc[leveloffset=+2]
+
+[id="troubleshooting_shared-vpc-hcp_vpc-creation-kms-key"]
+=== Troubleshooting
+
+If your cluster fails to install, check these common troubleshooting issues:
+
+* Make sure your link:https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html[DHCP option set] includes a domain name, and ensure that the domain name does not include any spaces or capital letters.
+* If your VPC uses a custom DNS resolver (the `domain name servers` field of your DHCP option set is not `AmazonProvideDNS`), make sure it is able to properly resolve the private hosted zones configured in Route53.
+
+For more information about troubleshooting ROSA cluster installations, see xref:../support/troubleshooting/rosa-troubleshooting-installations.adoc#rosa-troubleshooting-installations[Troubleshooting {product-title} installations].
+
+==== Get support
+If you need additional xref:../support/getting-support.adoc#getting-support[support], visit the Red Hat Customer Portal to review knowledge base articles, submit a support case, and review additional product documentation and resources.
+
+[discrete]
+include::modules/rosa-hcp-vpc-subnet-tagging.adoc[leveloffset=+3]
 
 [role="_additional-resources"]
+[id="additional-resources_rosa-hcp-vpc-aws-kms-key"]
 .Additional resources
 
 * link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-getting-started.html[Get Started with Amazon VPC]
 * link:https://developer.hashicorp.com/terraform[HashiCorp Terraform documentation]
+* link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/deploy/subnet_discovery/[Subnet Auto Discovery]
 
 include::modules/rosa-hcp-creating-account-wide-sts-roles-and-policies.adoc[leveloffset=+2]
 
diff --git a/rosa_hcp/rosa-hcp-egress-lockdown-install.adoc b/rosa_hcp/rosa-hcp-egress-lockdown-install.adoc
@@ -51,28 +51,72 @@ While you may install and upgrade your clusters as you would a regular cluster,
 ====
 
 [id="rosa-hcp-egress-lockdown-install-creating_{context}"]
-== Creating a Virtual Private Cloud for your egress lockdown {hcp-title} clusters
+== Creating a Virtual Private Cloud for your {hcp-title} clusters
 
-You must have a Virtual Private Cloud (VPC) to create {hcp-title} clusters. You can use one of the following methods to create a VPC:
+You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You can use the following methods to create a VPC:
 
+* Create a VPC using the ROSA CLI
 * Create a VPC by using a Terraform template
 * Manually create the VPC resources in the AWS console
 
 [NOTE]
 ====
-The Terraform instructions are for testing and demonstration purposes. Your own installation requires modifications to the VPC for your specific needs and constraints. You should also ensure that when you use the following Terraform script it is in the same region that you intend to install your cluster.
+The Terraform instructions are for testing and demonstration purposes. Your own installation requires some modifications to the VPC for your own use. You should also ensure that when you use this Terraform script it is in the same region that you intend to install your cluster. In these examples, use `us-east-2`.
 ====
 
-include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=+2]
+[discrete]
+include::modules/rosa-hcp-create-network.adoc[leveloffset=+3]
+[discrete]
+include::modules/rosa-hcp-custom-create-network.adoc[leveloffset=+3]
 
 [role="_additional-resources"]
+[id="additional-resources_rosa-hcp-create-network-egress-lockdown"]
 .Additional resources
 
-* See the link:https://github.com/openshift-cs/terraform-vpc-example/tree/main/zero-egress[Zero Egress Terraform VPC Example] repository for a detailed list of all options available when customizing the VPC for your needs.
+* See the link:https://aws.amazon.com/cloudformation/[AWS CloudFormation] for more information about structuring CloudFormation files to create VPCs.
+* See this link:https://github.com/openshift/rosa/blob/master/cmd/create/network/templates/rosa-quickstart-default-vpc/cloudformation.yaml[default VPC AWS CloudFormation template] for more information.
 
+[discrete]
+include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-vpc-terraform-egress-lockdown"]
+.Additional resources
+
+* See the link:https://github.com/openshift-cs/terraform-vpc-example[Terraform VPC] repository for a detailed list of all options available when customizing the VPC for your needs.
+
+[discrete]
 include::modules/rosa-hcp-vpc-manual.adoc[leveloffset=+2]
+
+[id="troubleshooting_shared-vpc-hcp_vpc-creation-egress-lockdown"]
+=== Troubleshooting
+
+If your cluster fails to install, check these common troubleshooting issues:
+
+* Make sure your link:https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html[DHCP option set] includes a domain name, and ensure that the domain name does not include any spaces or capital letters.
+* If your VPC uses a custom DNS resolver (the `domain name servers` field of your DHCP option set is not `AmazonProvideDNS`), make sure it is able to properly resolve the private hosted zones configured in Route53.
+
+For more information about troubleshooting ROSA cluster installations, see xref:../support/troubleshooting/rosa-troubleshooting-installations.adoc#rosa-troubleshooting-installations[Troubleshooting {product-title} installations].
+
+==== Get support
+If you need additional xref:../support/getting-support.adoc#getting-support[support], visit the Red Hat Customer Portal to review knowledge base articles, submit a support case, and review additional product documentation and resources.
+
 [discrete]
 include::modules/rosa-hcp-vpc-subnet-tagging.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-vpc-aws-egress-lockdown"]
+.Additional resources
+
+* link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-getting-started.html[Get Started with Amazon VPC]
+* link:https://developer.hashicorp.com/terraform[HashiCorp Terraform documentation]
+* link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/deploy/subnet_discovery/[Subnet Auto Discovery]
+
+[role="_additional-resources"]
+.Additional resources
+
+* See the link:https://github.com/openshift-cs/terraform-vpc-example/tree/main/zero-egress[Zero Egress Terraform VPC Example] repository for a detailed list of all options available when customizing the VPC for your needs.
+
 [discrete]
 include::modules/rosa-hcp-sgs-and-vpce.adoc[leveloffset=+3]
 
diff --git a/rosa_hcp/rosa-hcp-quickstart-guide.adoc b/rosa_hcp/rosa-hcp-quickstart-guide.adoc
@@ -28,6 +28,7 @@ include::modules/rosa-sts-creating-account-wide-sts-roles-and-policies.adoc[leve
 
 You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You can use the following methods to create a VPC:
 
+* Create a VPC using the ROSA CLI
 * Create a VPC by using a Terraform template
 * Manually create the VPC resources in the AWS console
 
@@ -37,14 +38,53 @@ The Terraform instructions are for testing and demonstration purposes. Your own
 ====
 
 [discrete]
-include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=1]
+include::modules/rosa-hcp-create-network.adoc[leveloffset=+3]
+[discrete]
+include::modules/rosa-hcp-custom-create-network.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-create-network-quickstart"]
+.Additional resources
+
+* See the link:https://aws.amazon.com/cloudformation/[AWS CloudFormation] for more information about structuring CloudFormation files to create VPCs.
+* See this link:https://github.com/openshift/rosa/blob/master/cmd/create/network/templates/rosa-quickstart-default-vpc/cloudformation.yaml[default VPC AWS CloudFormation template] for more information.
+
+[discrete]
+include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=+3]
 
 [role="_additional-resources"]
-[id="additional-resources_rosa-hcp-quickstart-vpc-terraform"]
+[id="additional-resources_rosa-hcp-vpc-terraform-quickstart"]
 .Additional resources
 
 * See the link:https://github.com/openshift-cs/terraform-vpc-example[Terraform VPC] repository for a detailed list of all options available when customizing the VPC for your needs.
 
+[discrete]
+include::modules/rosa-hcp-vpc-manual.adoc[leveloffset=+2]
+
+[id="troubleshooting_shared-vpc-hcp_vpc-creation-quickstart"]
+=== Troubleshooting
+
+If your cluster fails to install, check these common troubleshooting issues:
+
+* Make sure your link:https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html[DHCP option set] includes a domain name, and ensure that the domain name does not include any spaces or capital letters.
+* If your VPC uses a custom DNS resolver (the `domain name servers` field of your DHCP option set is not `AmazonProvideDNS`), make sure it is able to properly resolve the private hosted zones configured in Route53.
+
+For more information about troubleshooting ROSA cluster installations, see xref:../support/troubleshooting/rosa-troubleshooting-installations.adoc#rosa-troubleshooting-installations[Troubleshooting {product-title} installations].
+
+==== Get support
+If you need additional xref:../support/getting-support.adoc#getting-support[support], visit the Red Hat Customer Portal to review knowledge base articles, submit a support case, and review additional product documentation and resources.
+
+[discrete]
+include::modules/rosa-hcp-vpc-subnet-tagging.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-vpc-aws-quickstart"]
+.Additional resources
+
+* link:https://docs.aws.amazon.com/vpc/latest/userguide/vpc-getting-started.html[Get Started with Amazon VPC]
+* link:https://developer.hashicorp.com/terraform[HashiCorp Terraform documentation]
+* link:https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/deploy/subnet_discovery/[Subnet Auto Discovery]
+
 include::modules/rosa-sts-byo-oidc.adoc[leveloffset=+1]
 include::modules/rosa-operator-config.adoc[leveloffset=+1]
 include::modules/rosa-hcp-sts-creating-a-cluster-cli.adoc[leveloffset=+1]
diff --git a/rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc b/rosa_hcp/rosa-hcp-sts-creating-a-cluster-quickly.adoc
@@ -73,6 +73,7 @@ To create a {hcp-title} cluster, you must have the following items:
 
 You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You can use the following methods to create a VPC:
 
+* Create a VPC using the ROSA CLI
 * Create a VPC by using a Terraform template
 * Manually create the VPC resources in the AWS console
 
@@ -81,6 +82,18 @@ You must have a Virtual Private Cloud (VPC) to create {hcp-title} cluster. You c
 The Terraform instructions are for testing and demonstration purposes. Your own installation requires some modifications to the VPC for your own use. You should also ensure that when you use this Terraform script it is in the same region that you intend to install your cluster. In these examples, use `us-east-2`.
 ====
 
+[discrete]
+include::modules/rosa-hcp-create-network.adoc[leveloffset=+3]
+[discrete]
+include::modules/rosa-hcp-custom-create-network.adoc[leveloffset=+3]
+
+[role="_additional-resources"]
+[id="additional-resources_rosa-hcp-create-network"]
+.Additional resources
+
+* See the link:https://aws.amazon.com/cloudformation/[AWS CloudFormation] for more information about structuring CloudFormation files to create VPCs.
+* See this link:https://github.com/openshift/rosa/blob/master/cmd/create/network/templates/rosa-quickstart-default-vpc/cloudformation.yaml[default VPC AWS CloudFormation template] for more information.
+
 [discrete]
 include::modules/rosa-hcp-vpc-terraform.adoc[leveloffset=+3]
 
