From 732f9944d1990bf2ba6d625e0baa7f8d52ef83d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Wed, 15 Nov 2023 09:04:03 +0100 Subject: [PATCH] adds information about IM configuration and usage --- README.md | 28 +++++++++++----------------- docs/README.md | 21 ++++++++++++++++++++- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index c7f5df69..9e24671e 100644 --- a/README.md +++ b/README.md @@ -4,17 +4,15 @@ ## Overview -This project **will be** responsible for managing [Kyma](https://kyma-project.io/#/) clusters infrastructure. Buil using [kubebuilder framework](https://github.com/kubernetes-sigs/kubebuilder) -It's main responsibilities **will be**: -- Provisioning and deprovisioning Kyma clusters -- Generating dynamic kubeconfigs +This project responsible for managing [Kyma](https://kyma-project.io/#/) clusters infrastructure. Built using [kubebuilder framework](https://github.com/kubernetes-sigs/kubebuilder) + +It's current responsibilities are: +- Generating and rotating secrets containing dynamic kubeconfigs ## Prerequisites -- Access to a k8s cluster. -- [k3d](https://k3d.io) to get a local cluster for testing, or run against a remote cluster. +- Access to a k8s cluster.You can use [k3d](https://k3d.io) to get a local cluster for testing, or run against a remote cluster. - [kubectl](https://kubernetes.io/docs/tasks/tools/) -- [kubebuilder](https://book.kubebuilder.io/) ## Installation @@ -82,20 +80,16 @@ make gardener-secret-deploy ``` ## Usage -TODO: -> Explain how to use the project. You can create multiple subsections (H3). Include the instructions or provide links to the related documentation. +Infrastructure Manager is responsible for creation and rotation of secrets of clusters defined in `GardenerCluster` CRs. Sample CR is available [here](config/samples/infrastructuremanager_v1_gardenercluster.yaml). -## Development +### Time based rotation +Secrets are totated based on the `kubeconfig-expiration-time`, see [the configuration section](docs/README.md#configuration). -> Add instructions on how to develop the project or example. It must be clear what to do and, for example, how to trigger the tests so that other contributors know how to make their pull requests acceptable. Include the instructions or provide links to related documentation. +### Force rotation +It's possible to force secret rotation before the time based rotation kicks in. In order to do that, add the `operator.kyma-project.io/force-kubeconfig-rotation: "true"` annotation to the `GardenCluster` Custom Resource. -## Troubleshooting +> Explain how to use the project. You can create multiple subsections (H3). Include the instructions or provide links to the related documentation. -> List potential issues and provide tips on how to avoid or solve them. To structure the content, use the following sections: -> -> - **Symptom** -> - **Cause** -> - **Remedy** ## Contributing diff --git a/docs/README.md b/docs/README.md index ae7d4c5b..3c1646b8 100644 --- a/docs/README.md +++ b/docs/README.md @@ -4,4 +4,23 @@ This folder contains documents that relate to the project. -> In this document, provide the list of all documents that this folder contains, together with links to those documents and short information on what they describe. +## Development + +run `make test` to see if all tests are passing. + +## Configuration + +It's possible to configure Infrastructure Manager deployment with following arguments: +1. `gardener-kubeconfig-path` - defines path to the gardener project kubeconfig used during API calls +2. `gardener-project` - name of the gardener project where the infrastructure operations are performed +3. `kubeconfig-expiration-time` - maximum time after which kubeconfig is rotated. The rotation will happen sometime between `0.6 * kubeconfig-expiration-time` and `kubeconfig-expiration-time`. + +See [manager_gardener_secret_patch.yaml](../config/default/manager_gardener_secret_patch.yaml) for default values. + +## Troubleshooting + +> TBD: List potential issues and provide tips on how to avoid or solve them. To structure the content, use the following sections: +> +> - **Symptom** +> - **Cause** +> - **Remedy**