The following diagram shows the architecture of the cluster setup in AWS.


The setup of clusters in AWS follows the general guidelines of other OpenShift installations, with the following caveats.

The setup of OpenShift clusters in AWS uses as much of the standard AWS infrastructure as possible, and follows some best practices recommended by Red Hat.


The network is divided into two main sections in a VPC:

  1. Public subnet

  2. Private subnet

Availability Zones

AWS supports three (3) availability zones per region. OpenShift clusters in AWS might be replicated across either one (1) or three (3) zones, depending on the availability or cost requirements.

Load Balancers

There are two (2) kinds of load balancers:

  1. Master LB

  2. App LB

All load balancers are ELB instances provided by AWS.

From the perspective of mungg-provision-aws, all three LBs are equal.

Master LB

There are two (2) ELB instances for the Master API: one for API access from outside, and one for the cluster itself (internal use only).

Certificate management is done at the Master ELB level, with Let’s Encrypt.

App LB

There is one (1) ELB instance for the application router.


Storage is provided by standard AWS components: S3, EFS, and EBS.

There might be GlusterFS in AWS clusters, but this is optional, and will be described in a separate document.