The manual import process has 2 phases, first create the necessary resources on the hub, and then deploy the agent on the managed cluster.
On the Hub cluster:
- Create a namespace
Namespace name should be same as cluster name
kubectl create ns {cluster_name}
On the Hub Cluster:
- Create a ManagedCluster CR:
apiVersion: cluster.open-cluster-management.io/v1
kind: ManagedCluster
metadata:
name: {cluster_name}
spec:
hubAcceptsClient: true
- Import controller will generate a secret named
{cluster_name}-import
. - The
{cluster_name}-import
secret contains the crds.yaml and import.yaml that the user will apply on managed cluster to install klusterlet.
kubectl get secret ${cluster_name}-import -n ${cluster_name} -o jsonpath={.data.crds\\.yaml} | base64 -D > crds.yaml
kubectl get secret ${cluster_name}-import -n ${cluster_name} -o jsonpath={.data.import\\.yaml} | base64 -D > import.yaml
- Login to your managed cluster:
- Apply the
crds.yaml
andimport.yaml
generated in previous step with
kubectl apply -f crds.yaml
kubectl apply -f import.yaml
Validation:
- check the pod status on the managed cluster:
kubectl get pod -n open-cluster-management-agent
Once all the pod running on the managed cluster in namespace open-cluster-management-agent
It will create a csr on the hub with the managed cluster name as prefix.
- To check the if csr is created on the hub
kubectl get csr
Example: csr will be in pending state
kubectl get csr
NAME AGE REQUESTOR CONDITION
test1-lpxcj 8s system:serviceaccount:test1:test1-bootstrap-sa Pending
- csr will get automatically approved
oc get csr --all-namespaces
NAME AGE REQUESTOR CONDITION
test1-lpxcj 12s system:serviceaccount:test1:test1-bootstrap-sa Approved,Issued
- Once the csr is approved, check the managed cluster status
kubectl get managedclusters ${cluster_name} -o yaml
- Status should indicate ManagedClusterJoined and ManagedClusterAvailable and Status: "True" for successful import
- lastTransitionTime: "2020-06-23T17:14:15Z"
message: Accepted by hub cluster admin
reason: HubClusterAdminAccepted
status: "True"
type: HubAcceptedManagedCluster
- lastTransitionTime: "2020-06-23T17:19:32Z"
message: Managed cluster is available
reason: ManagedClusterAvailable
status: "True"
type: ManagedClusterConditionAvailable
- lastTransitionTime: "2020-06-23T17:19:32Z"
message: Managed cluster joined
reason: ManagedClusterJoined
status: "True"
type: ManagedClusterJoined
On the Hub Cluster:
- Create a KlusterletAddonConfig CR:
apiVersion: agent.open-cluster-management.io/v1
kind: KlusterletAddonConfig
metadata:
name: {cluster_name}
namespace: {cluster_name}
spec:
clusterName: {cluster_name}
clusterNamespace: {cluster_name}
applicationManager:
enabled: true
clusterLabels:
cloud: auto-detect
vendor: auto-detect
policyController:
enabled: true
searchCollector:
enabled: true
certPolicyController:
enabled: true
iamPolicyController:
enabled: true
version: 2.2.0
On the Hub Cluster:
-
klusterletaddonconfig creation triggers
Reconcile()
in klusterlet addon controller -
Controller will create manifestworks for addons in the {cluster_name} namespace
On the managed cluster:
- Check the addons installed in the namespace
open-cluster-management-agent-addon
kubectl get pods -n open-cluster-management-agent-addon