{"results":[{"id":"alternative-topologies-diverge-from-standard-operations","text":"Both hosted control planes and edge/SNO deployments require fundamentally different operational models from standard HA clusters: HCP separates control and data planes across clusters with distinct APIs (NodePool, HyperShift), while edge uses ZTP/TALM fleet management with reduced capability profiles — neither follows the standard MachineSet/MHC/in-cluster-control-plane pattern.","truth_value":"IN","justification_count":1,"dependent_count":2,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"disaster-recovery-within-version-governance","text":"Disaster recovery is constrained by the same version governance that controls normal operations: etcd backup/restore is last-resort only (not rollback), rollback is unsupported, and version coupling (OCP→CNV→HCP ordering) means a restore to a prior state may create version mismatches that cannot be corrected — making prevention through proper update governance critical.","truth_value":"IN","justification_count":1,"dependent_count":3,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"fio-not-supported-hcp","text":"The File Integrity Operator is not supported on Hosted Control Planes (HCP) clusters.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"governed-supply-chains-operational-across-topologies","text":"The governed image and operator supply chains (build→ImageStream→registry for apps, FBC→OLM→CSV for operators) are fully operational across all topology variants (standalone, HCP, SNO) only when the next-generation operator delivery mechanism reaches GA and supports disconnected registries","truth_value":"OUT","justification_count":1,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-adding-idp-removes-kubeadmin","text":"Adding any identity provider to a hosted cluster's OAuth configuration removes the default kubeadmin user provider.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-api-resources-hostedcluster-nodepool","text":"HCP uses `HostedCluster` and `NodePool` API resources from the `hypershift.openshift.io` API group (not `openshift-install`).","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-auto-import-default","text":"Hosted clusters are automatically imported into the local multicluster engine Operator when the hosted control plane becomes available — this is the default behavior.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-aws-destroy-five-params","text":"AWS hosted cluster destruction requires five parameters: `--name`, `--infra-id`, `--role-arn`, `--sts-creds`, `--base-domain`","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-aws-etcd-snapshot-requires-api-downtime","text":"On AWS, taking an etcd snapshot requires API downtime — kube-apiserver, openshift-apiserver, and openshift-oauth-apiserver must be scaled to 0 replicas first","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-aws-kubevirt-delete-managedcluster-first","text":"On AWS and OpenShift Virtualization, the managed cluster resource must be deleted (`oc delete managedcluster`) before destroying the hosted cluster","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-bare-metal-manual-cleanup-without-render","text":"Bare metal hosted clusters created without `--render`/`--render-sensitive` flags require manual backend resource cleanup during destruction","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-cco-manual-mode-only-aws","text":"The Cloud Credential Operator (CCO) for hosted clusters on AWS supports manual mode only — this is the default and only supported mode.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-cco-sts-operator-annotation","text":"Operators declare support for CCO/STS in hosted control planes with the CSV annotation features.operators.openshift.io/token-auth-aws: \"true\".","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-cluster-name-unique-clusters-reserved","text":"Hosted cluster names must be unique cluster-wide; the name `clusters` is reserved and cannot be used","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-clusterversion-ignored","text":"`ClusterVersion` resource changes are ignored in hosted clusters — updates are driven through `HostedCluster` and `NodePool` `.spec.release.image`.","truth_value":"IN","justification_count":0,"dependent_count":1,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-control-plane-namespace-pattern","text":"The hosted control plane namespace follows the pattern `${HOSTED_CLUSTER_NAMESPACE}-${CLUSTER_NAME}` (e.g., `clusters-my-cluster`)","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-control-plane-node-updates-independent","text":"In hosted control planes, control plane and node pool updates are independent — unlike standalone OCP where they are coupled.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-control-plane-on-mgmt-data-plane-on-workers","text":"In hosted control planes, the control plane runs on the management cluster (managed by Control Plane Operator) and the data plane runs on the hosted cluster workers (managed by HostedClusterConfig Operator)","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-control-plane-runs-as-pods","text":"Hosted control planes run control plane components (etcd, API server, controller manager, VPN) as pods on a management cluster, not on dedicated machines.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null},{"id":"hcp-control-plane-update-two-steps","text":"Updating a hosted control plane requires two steps: (1) annotate HostedCluster with `hypershift.openshift.io/force-upgrade-to`, (2) patch `spec.release.image`.","truth_value":"IN","justification_count":0,"dependent_count":0,"challenges":[],"last_reviewed":null,"review_result":null}],"count":127,"limit":20,"offset":0}