[WIP POC do not merge] OSDOCS-19895: CCO content for AEM POC

_distro_map.yml

@@ -556,3 +556,14 @@ openshift-coo:
     standalone-coo-docs-1-latest:
       name: '1-latest'
       dir: coo/1-latest
+
+openshift-aem-poc:
+  name: OpenShift Container Platform
+  author: OpenShift Documentation Project <openshift-docs@redhat.com>
+  site: commercial
+  site_name: Documentation
+  site_url: https://docs.openshift.com/
+  branches:
+    main:
+      name: 'reuse-poc'
+      dir: reuse-poc/output

_topic_maps/_topic_map_aem_poc.yml

@@ -0,0 +1,39 @@
+# This is for the AEM reuse POC source in adoc.
+# Topic-level items will become submaps. Assemblies will become CON topics.
+---
+Name: AEM reuse POC
+Dir: aem_poc
+Distros: openshift-aem-poc
+Topics:
+- Name: Install
+  Dir: install
+  Distros: openshift-aem-poc
+  Topics:
+  - Name: Install a customized cluster on Amazon Web Services
+    File: install-aws-custom
+  - Name: Install a customized cluster on Microsoft Azure
+    File: install-azure-custom
+  - Name: Install a customized cluster on Google Cloud
+    File: install-google-custom
+- Name: Maintain
+  Dir: maintain
+  Distros: openshift-aem-poc
+  Topics:
+  - Name: Change the cloud provider credentials configuration
+    File: change-cloud-credentials-configuration
+- Name: Update
+  Dir: update
+  Distros: openshift-aem-poc
+  Topics:
+  - Name: Prepare to update a cluster with manually maintained credentials
+    File: prepare-manual-credentials-update
+- Name: Uninstall
+  Dir: uninstall
+  Distros: openshift-aem-poc
+  Topics:
+  - Name: Uninstall a cluster on Amazon Web Services
+    File: uninstall-aws
+  - Name: Uninstall a cluster on Microsoft Azure
+    File: uninstall-azure
+  - Name: Uninstall a cluster on Google Cloud
+    File: uninstall-google

aem_poc/_attributes

@@ -0,0 +1 @@
+../_attributes/

aem_poc/images

@@ -0,0 +1 @@
+../images

aem_poc/install/_attributes

@@ -0,0 +1 @@
+../_attributes/

aem_poc/install/images

@@ -0,0 +1 @@
+../images

aem_poc/install/install-aws-custom.adoc

@@ -0,0 +1,46 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/common-attributes.adoc[]
+[id="installing-aws-customizations"]
+= Install a customized cluster on {aws-full}
+:context: installing-aws-customizations
+:platform: AWS
+
+toc::[]
+
+[role="_abstract"]
+In {product-title}, you can install a cluster on {aws-first} by using installer-provisioned infrastructure with customizations, including network configuration options.
+In each, you modify parameters in theinstall-config.yaml file before you install the cluster.
+
+By customizing your network configuration, your cluster can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations.
+
+You must set most of the network configuration parameters during installation, and you can modify only `kubeProxy` configuration parameters in a running cluster.
+
+[NOTE]
+====
+For simplicity and ensured success, the scope of the {product-title} installation configurations is intentionally narrow.
+You can complete many more {product-title} configuration tasks after an installation completes.
+====
+
+//Alternatives to storing administrator-level secrets in the kube-system project
+include::modules/installing-manual-creds-modes.adoc[leveloffset=+1]
+
+//Manually creating long-term credentials
+include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
+
+//Supertask: Configuring a cluster to use short-term credentials
+include::modules/installing-short-term-creds.adoc[leveloffset=+2]
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating  AWS resources
+include::modules/cco-ccoctl-creating-resources.adoc[leveloffset=+3]
+
+//Task part 2a: Creating AWS resources with a single command
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+4]
+
+//Task part 2b: Creating AWS resources individually
+include::modules/cco-ccoctl-creating-individually.adoc[leveloffset=+4]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]

aem_poc/install/install-azure-custom.adoc

@@ -0,0 +1,34 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="installing-azure-customizations"]
+= Install a customized cluster on {azure-short}
+include::_attributes/common-attributes.adoc[]
+:context: installing-azure-customizations
+:platform: Azure
+
+toc::[]
+
+[role="_abstract"]
+In {product-title}, you can install a cluster on {azure-first} by using installer-provisioned infrastructure with customizations, including network configuration options.
+In each, you modify parameters in theinstall-config.yaml file before you install the cluster.
+
+By customizing your network configuration, your cluster can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations.
+
+You must set most of the network configuration parameters during installation, and you can modify only `kubeProxy` configuration parameters in a running cluster.
+
+//Alternatives to storing administrator-level secrets in the kube-system project
+include::modules/installing-manual-creds-modes.adoc[leveloffset=+1]
+
+//Manually creating long-term credentials
+include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
+
+//Supertask: Configuring a cluster to use short-term credentials
+include::modules/installing-short-term-creds.adoc[leveloffset=+2]
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating the required GCP resources
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]

aem_poc/install/install-google-custom.adoc

@@ -0,0 +1,37 @@
+:_mod-docs-content-type: ASSEMBLY
+include::_attributes/common-attributes.adoc[]
+[id="installing-gcp-customizations"]
+= Install a customized cluster on {gcp-full}
+:context: installing-gcp-customizations
+:platform: {gcp-short}
+
+toc::[]
+
+[role="_abstract"]
+In {product-title}, you can install a cluster on {gcp-first} by using installer-provisioned infrastructure with customizations, including network configuration options.
+In each, you modify parameters in theinstall-config.yaml file before you install the cluster.
+
+By customizing your network configuration, your cluster can coexist with existing IP address allocations in your environment and integrate with existing MTU and VXLAN configurations.
+
+You must set most of the network configuration parameters during installation, and you can modify only `kubeProxy` configuration parameters in a running cluster.
+
+//Alternatives to storing administrator-level secrets in the kube-system project
+include::modules/installing-manual-creds-modes.adoc[leveloffset=+1]
+
+//Manually creating long-term credentials
+include::modules/manually-create-identity-access-management.adoc[leveloffset=+2]
+
+//Supertask: Configuring a cluster to use short-term credentials
+include::modules/installing-short-term-creds.adoc[leveloffset=+2]
+
+//Task part 1: Configuring the Cloud Credential Operator utility
+include::modules/cco-ccoctl-configuring.adoc[leveloffset=+3]
+
+//Task part 2: Creating the required GCP resources
+include::modules/cco-ccoctl-creating-at-once.adoc[leveloffset=+3]
+
+//Restricting service account impersonation to the compute nodes service account
+include::modules/restricting-sa-impersonation-compute-sa-gcp.adoc[leveloffset=+3]
+
+//Task part 3: Incorporating the Cloud Credential Operator utility manifests
+include::modules/cco-ccoctl-install-creating-manifests.adoc[leveloffset=+3]

aem_poc/install/modules

@@ -0,0 +1 @@
+../modules

aem_poc/install/snippets

@@ -0,0 +1 @@
+../snippets

aem_poc/maintain/_attributes

@@ -0,0 +1 @@
+../_attributes/

aem_poc/maintain/images

@@ -0,0 +1 @@
+../images

aem_poc/maintain/modules

@@ -0,0 +1 @@
+../modules

aem_poc/maintain/snippets

@@ -0,0 +1 @@
+../snippets

aem_poc/modules

@@ -0,0 +1 @@
+../modules

aem_poc/snippets

@@ -0,0 +1 @@
+../snippets

aem_poc/uninstall/_attributes

@@ -0,0 +1 @@
+../_attributes/

aem_poc/uninstall/images

@@ -0,0 +1 @@
+../images

aem_poc/uninstall/modules

@@ -0,0 +1 @@
+../modules

aem_poc/uninstall/snippets

@@ -0,0 +1 @@
+../snippets

aem_poc/update/_attributes

@@ -0,0 +1 @@
+../_attributes/

aem_poc/update/images

@@ -0,0 +1 @@
+../images

aem_poc/update/modules

@@ -0,0 +1 @@
+../modules

aem_poc/update/snippets

@@ -0,0 +1 @@
+../snippets

modules/cco-ccoctl-creating-resources.adoc

@@ -0,0 +1,12 @@
+:_mod-docs-content-type: REFERENCE
+[id="cco-ccoctl-creating-resources_{context}"]
+= Creating {aws-short} resources with the Cloud Credential Operator utility
+
+[role="_abstract"]
+You have the following options when creating {aws-short} resources:
+
+* You can use the `ccoctl aws create-all` command to create the {aws-short} resources automatically. This is the quickest way to create the resources.
+See "Creating {aws-short} resources with a single command".
+
+* If you need to review the JSON files that the `ccoctl` tool creates before modifying AWS resources, or if the process the `ccoctl` tool uses to create {aws-short} resources automatically does not meet the requirements of your organization, you can create the {aws-short} resources individually.
+See "Creating {aws-short} resources individually".

modules/installing-manual-creds-modes.adoc

@@ -0,0 +1,11 @@
+:_mod-docs-content-type: REFERENCE
+[id="installing-manual-creds-modes_{context}"]
+= Alternatives to storing administrator-level secrets in the kube-system project
+
+[role="_abstract"]
+By default, administrator secrets are stored in the `kube-system` project.
+If you configured the `credentialsMode` parameter in the `install-config.yaml` file to `Manual`, you must use one of the following alternatives:
+
+* To manage long-term cloud credentials manually, follow the procedure in "Manually creating long-term credentials".
+
+* To implement short-term credentials that are managed outside the cluster for individual components, follow the procedures in "Configuring a cluster to use short-term credentials".

modules/installing-short-term-creds.adoc

@@ -0,0 +1,6 @@
+:_mod-docs-content-type: REFERENCE
+[id="installing-short-term-creds_{context}"]
+= Configuring a cluster to use short-term credentials
+
+[role="_abstract"]
+To install a cluster that is configured to use short-term credentials, you must configure the Cloud Credential Operator utility and create the required AWS resources for your cluster.