README
¶
clusteradm
clusteradm is the command-line tool for Open Cluster Management (OCM), providing a unified interface to manage multi-cluster Kubernetes environments from the command line.
Overview
Open Cluster Management (OCM) is a CNCF sandbox project that enables end-to-end visibility and control across your Kubernetes clusters using a powerful hub-agent architecture. OCM provides:
- Cluster Lifecycle Management: Register, manage, and monitor multiple Kubernetes clusters
- Application Distribution: Deploy and manage applications across multiple clusters
- Policy & Governance: Enforce security policies and compliance across your fleet
- Add-on Extensibility: Extend functionality with a rich ecosystem of add-ons
clusteradm serves as the primary CLI tool for interacting with OCM, enabling administrators to:
- Initialize hub clusters and register managed clusters
- Deploy and manage multi-cluster applications
- Configure policies and governance
- Manage cluster sets and placements
- Install and configure add-ons
Quick Start
Installation
From install script:
curl -L https://raw.githubusercontent.com/open-cluster-management-io/clusteradm/main/install.sh | bash
From Go:
go install open-cluster-management.io/clusteradm/cmd/clusteradm@latest
From releases:
Download the latest binary from GitHub Releases and add it to your $PATH.
From source:
Go 1.24+ is required to build from source.
git clone https://github.com/open-cluster-management-io/clusteradm.git
cd clusteradm
make build
./bin/clusteradm
Basic Usage
Set up a multi-cluster environment in three steps:
# 1. Initialize the hub cluster
kubectl config use-context <hub-cluster-context>
clusteradm init
# 2. Join a managed cluster to the hub
kubectl config use-context <managed-cluster-context>
clusteradm join --hub-token <token> --hub-apiserver <hub-api-url> --cluster-name <cluster-name>
# 3. Accept the managed cluster on the hub
kubectl config use-context <hub-cluster-context>
clusteradm accept --clusters <cluster-name>
After each command, clusteradm provides the next command to execute, making the process seamless.
Commands
clusteradm organizes commands into logical groups for different aspects of cluster management.
General Commands
| Command | Description |
|---|---|
create |
Create OCM resources (placements, cluster sets, sample apps, work) |
delete |
Delete OCM resources (cluster sets, tokens, work) |
get |
Display OCM resources (clusters, hub info, tokens, placements, work, add-ons) |
install |
Install hub add-ons |
uninstall |
Uninstall hub add-ons |
upgrade |
Upgrade cluster manager or klusterlet |
version |
Display clusteradm and cluster version information |
Registration Commands
| Command | Description |
|---|---|
init |
Initialize a hub cluster |
join |
Join a cluster to the hub as a managed cluster |
accept |
Accept cluster join requests on the hub |
unjoin |
Remove a cluster from the hub |
clean |
Clean up OCM components from the hub cluster |
Cluster Management Commands
| Command | Description |
|---|---|
addon |
Manage add-ons (enable, disable, create) |
clusterset |
Manage cluster sets (bind, unbind, set) |
proxy |
Access managed clusters through the cluster proxy |
Logging and Debugging
Get detailed logs by setting the klog flag:
# Basic logging
clusteradm <command> -v 2 > logfile.log
# Verbose logging to file
clusteradm <command> -v 99 --logtostderr=false --log-file=debug.log
Detailed Command Reference
Cluster Lifecycle
Initialize a Hub Cluster
clusteradm init [--use-bootstrap-token]
Deploys OCM hub components and returns the join command for managed clusters.
Note: Do not run
initagainst a multicluster-controlplane instance. Useclusteradm get token --use-bootstrap-tokeninstead.
Get Join Token
clusteradm get token [--use-bootstrap-token]
Retrieves the latest token for joining managed clusters.
Join a Managed Cluster
clusteradm join --hub-token <token> --hub-apiserver <hub-url> --cluster-name <name> \
[--ca-file <ca-file>] [--force-internal-endpoint-lookup]
Installs the klusterlet agent on a managed cluster.
Options:
--ca-file: Provide a custom CA file for hub verification--force-internal-endpoint-lookup: Required for clusters behind NAT (e.g., kind clusters)
Accept Cluster Registration
clusteradm accept --clusters <cluster1>,<cluster2>,...
Approves cluster join requests on the hub.
Remove a Managed Cluster
clusteradm unjoin --cluster-name <cluster-name>
Removes klusterlet components from a managed cluster.
Add-on Management
Install Hub Add-ons
# Install specific add-ons
clusteradm install hub-addon --names argocd
clusteradm install hub-addon --names governance-policy-framework
Enable Add-ons on Managed Clusters
clusteradm addon enable --names <addon-name> --namespace <namespace> --clusters <clusters>
# Examples
clusteradm addon enable --names argocd --namespace argocd --clusters cluster1,cluster2
clusteradm addon enable --names governance-policy-framework --namespace open-cluster-management-agent-addon --clusters cluster1
Cluster Sets and Placement
Create Cluster Sets
clusteradm create clusterset <clusterset-name>
Bind Clusters to Sets
clusteradm clusterset bind <clusterset-name> --clusters <cluster1>,<cluster2>
Create Placements
clusteradm create placement <placement-name> --clusters <cluster1>,<cluster2>
Application Deployment
Create Sample Applications
clusteradm create sampleapp <app-name>
Creates and deploys sample applications using Argo CD ApplicationSets.
Cluster Proxy
Access managed clusters through the cluster proxy:
clusteradm proxy health --cluster-name <cluster-name>
clusteradm proxy kubectl --cluster-name <cluster-name> -- <kubectl-args>
Version Bundles
clusteradm uses version bundles to ensure compatibility between OCM components. You can:
- Use the default bundle:
clusteradm init - Specify a version:
clusteradm init --bundle-version v0.16.0 - Override component versions:
clusteradm init --bundle-version-overrides /path/to/overrides.json
Example override file:
{
"ocm": "v0.16.1",
"app_addon": "v0.16.0",
"policy_addon": "v0.16.0",
"multicluster_controlplane": "v0.7.0"
}
Examples
Multi-cluster Application Deployment
# 1. Create a cluster set
clusteradm create clusterset production
# 2. Bind clusters to the set
clusteradm clusterset bind production --clusters web-cluster,api-cluster
# 3. Create a placement for the application
clusteradm create placement web-app-placement --clusterset production
# 4. Deploy using ManifestWork or Argo CD
clusteradm create work my-web-app --clusters web-cluster,api-cluster
Policy Enforcement
# 1. Install policy framework
clusteradm install hub-addon --names governance-policy-framework
# 2. Enable on managed clusters
clusteradm addon enable --names governance-policy-framework \
--namespace open-cluster-management-agent-addon \
--clusters cluster1,cluster2
# 3. Enable config policy controller
clusteradm addon enable --names config-policy-controller \
--namespace open-cluster-management-agent-addon \
--clusters cluster1,cluster2
Contributing
We welcome contributions! Please see our Contributing Guide for details on:
- Code contribution process
- Development environment setup
- Testing guidelines
- Community guidelines
Community & Support
Get Connected
- Website: open-cluster-management.io
- Slack: #open-cluster-mgmt on Kubernetes Slack
- Mailing List: open-cluster-management@googlegroups.com
- YouTube: OCM Community
- Community Meetings: Calendar
License
This project is licensed under the Apache License 2.0.
Built by the Open Cluster Management community
Directories