Azure

This section provides guides for deploying HyperShift hosted clusters on Microsoft Azure. There are two deployment models available, each with different management cluster platforms and authentication mechanisms.

Deployment Models

ARO HCP (Managed Azure)

ARO HCP (Azure Red Hat OpenShift Hosted Control Planes) uses an AKS (Azure Kubernetes Service) cluster as the management platform. This model uses Azure Managed Identities with certificate-based authentication, with credentials stored in Azure Key Vault.

Guides:

• Create an Azure Hosted Cluster on AKS - Step-by-step setup guide
• Azure Hosted Cluster with Options - Advanced configuration options

Self-Managed Azure

Self-managed Azure uses an OpenShift cluster (running on any platform - AWS, Azure, bare metal, etc.) as the management platform. This model uses Azure Workload Identity with OIDC federation for tokenless authentication.

Guides:

• Self-Managed Azure Overview - Architecture and deployment workflow
• Azure Workload Identity Setup - Set up managed identities and OIDC federation
• Setup Azure Management Cluster - Install HyperShift operator
• Create a Self-Managed Azure HostedCluster - Deploy your first hosted cluster

Comparison

Infrastructure Reference

For detailed information about the Azure infrastructure resources required for each deployment model, see:

• ARO HCP Infrastructure
• Self-Managed Azure Infrastructure

Additional Resources

• Azure Workload Identity Documentation
• Azure Managed Identities Documentation
• Secrets Store CSI Driver