README
¶
Cluster Registration
Contains controllers that support:
- the registration of managed clusters to a hub to place them under management (see cluster join process for design deatails)
- the concept of clusterset (see KEP-1645 for details)
by
ManagedClusterSetAPI to group managed clusters (see managed cluster set for design deatails) - the concept of clusterclaim (see KEP-2149 for details)
by
ManagedClusterClaimAPI to collect the cluster information from a managed cluster (see cluster claim for design deatails) - the management of managed cluster add-ons (see managed cluster addons management for design deatails)
Community, discussion, contribution, development and support
Check the CONTRIBUTING Doc for how to contribute to the repo.
Quickstart
- Clone this repo:
git clone https://github.com/open-cluster-management-io/registration.git
- Prepare a kind cluster, like:
kind create cluster
Note: The Kubernetes cluster needs v1.19 or greater
- Export your kind cluster config, like:
export KUBECONFIG=$HOME/.kube/config
- Deploy the hub control plane:
make deploy-hub
make deploy-webhook
- Deploy the registraion agent:
make bootstrap-secret
make deploy-spoke
You now have a cluster with registraion up and running. The cluster has been registered to itself.
Next you need to approve your cluster like this:
- Approve the managed cluster
kubectl patch managedcluster local-development -p='{"spec":{"hubAcceptsClient":true}}' --type=merge
- Apporve the CSR of the managed clsuter
kubectl get csr -l open-cluster-management.io/cluster-name=local-development | grep Pending | awk '{print $1}' | xargs kubectl certificate approve
- Finally, you can find the managed cluster is joined and available
kubectl get managedcluster
NAME HUB ACCEPTED MANAGED CLUSTER URLS JOINED AVAILABLE AGE
local-development true True True 2m21s
You can find more details for cluster join process from this design doc, and after the registration is deployed, you can try the following features
Cluster Set
- Create a cluster set by
ManagedClusterSetAPI
cat << EOF | kubectl apply -f -
apiVersion: cluster.open-cluster-management.io/v1alpha1
kind: ManagedClusterSet
metadata:
name: clusterset1
EOF
- Add your cluster to the created cluster
kubectl label managedclusters local-development "cluster.open-cluster-management.io/clusterset=clusterset1" --overwrite
- Then, you can find there is one managed cluster is selected from the managed cluster set status, like:
kubectl get managedclustersets clusterset1 -o jsonpath='{.status.conditions[?(@.type=="ClusterSetEmpty")]}'
{"message":"1 ManagedClusters selected","reason":"ClustersSelected"}
You can find more details from the managed cluster set design doc
Cluster Claim
- Create a
ClusterClaimto claim the ID of this cluster
cat << EOF | kubectl apply -f -
apiVersion: cluster.open-cluster-management.io/v1alpha1
kind: ClusterClaim
metadata:
name: id.k8s.io
spec:
value: local-development
EOF
- Then, you can find the claim from the managed cluster status, like:
kubectl get managedcluster local-development -o jsonpath='{.status.clusterClaims}'
[{"name":"id.k8s.io","value":"local-development"}]
You can find more details from the cluster claim design doc
Managed Cluster Add-Ons
A managed cluster add-ons is deployed on the managed cluster to extend the capability of managed cluster. Developers can leverage add-on framework to implement their add-ons. The registration provides the management of the lease update and registration for all managed cluster addons, you can find more details from the Managed cluster addons management design doc
Note: The addon-management is in alpha stage, it is not enabled by default, it is controlled by feature gate
AddonManagement
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
pkg
|
|
|
hub/addon
package addon contains the hub-side controllers for updating addon status and rotating the addon certificate.
|
package addon contains the hub-side controllers for updating addon status and rotating the addon certificate. |
|
hub/clusterrole
package clusterrole contains the hub-side reconciler for the ManagedCluster necessary clusterrole resource.
|
package clusterrole contains the hub-side reconciler for the ManagedCluster necessary clusterrole resource. |
|
hub/clusterrole/bindata
Code generated for package bindata by go-bindata DO NOT EDIT.
|
Code generated for package bindata by go-bindata DO NOT EDIT. |
|
hub/csr
package csr contains the hub-side reconciler for auto approving the renewal CertificateSigningRequests for an accepted managed cluster
|
package csr contains the hub-side reconciler for auto approving the renewal CertificateSigningRequests for an accepted managed cluster |
|
hub/lease
package lease contains the hub-side controller for checking an accepted spoke cluster whether is available
|
package lease contains the hub-side controller for checking an accepted spoke cluster whether is available |
|
hub/managedcluster
package managedcluster contains the hub-side reconciler for the ManagedCluster resource.
|
package managedcluster contains the hub-side reconciler for the ManagedCluster resource. |
|
hub/managedcluster/bindata
Code generated for package bindata by go-bindata DO NOT EDIT.
|
Code generated for package bindata by go-bindata DO NOT EDIT. |
|
hub/rbacfinalizerdeletion
package rbacfinalizerdeletion contains the hub-side reconciler to cleanup finalizer on role/rolebinding in cluster namespace when ManagedCluster is being deleted.
|
package rbacfinalizerdeletion contains the hub-side reconciler to cleanup finalizer on role/rolebinding in cluster namespace when ManagedCluster is being deleted. |
|
hub/user
Package user contains common definition works for kubernetes certificates
|
Package user contains common definition works for kubernetes certificates |
|
spoke
package spoke and its subpackages contain the controllers that make up the spoke agent.
|
package spoke and its subpackages contain the controllers that make up the spoke agent. |
|
spoke/addon
package addon contains the managed cluster side controllers for updating addon status and registering addon on the hub cluster.
|
package addon contains the managed cluster side controllers for updating addon status and registering addon on the hub cluster. |
|
spoke/managedcluster
package managedcluster contains the spoke cluster side reconciler for the SpokeCluster resource.
|
package managedcluster contains the spoke cluster side reconciler for the SpokeCluster resource. |
|
webhook
package webhook contains the managed cluster admission hooks to mutate and validate the ManagedCluster create and update operations
|
package webhook contains the managed cluster admission hooks to mutate and validate the ManagedCluster create and update operations |
|
test
|
|
|
e2e/bindata
Code generated for package bindata by go-bindata DO NOT EDIT.
|
Code generated for package bindata by go-bindata DO NOT EDIT. |
|
integration
Package integration provides integration tests for open-cluster-management registration, the test cases include - managed cluster joining process - managed cluster health check - registration agent rotate its certificate after its certificate is expired - registration agent recovery from invalid bootstrap kubeconfig - registration agent recovery from invalid hub kubeconfig
|
Package integration provides integration tests for open-cluster-management registration, the test cases include - managed cluster joining process - managed cluster health check - registration agent rotate its certificate after its certificate is expired - registration agent recovery from invalid bootstrap kubeconfig - registration agent recovery from invalid hub kubeconfig |
Click to show internal directories.
Click to hide internal directories.