diff --git a/content/en/concepts/addon.md b/content/en/concepts/addon.md index 37229a7d..3cac3589 100644 --- a/content/en/concepts/addon.md +++ b/content/en/concepts/addon.md @@ -1,8 +1,14 @@ --- title: Add-ons -weight: 4 +weight: 8 --- + + +{{< toc >}} + + + ## What is an add-on? Open-cluster-management has a built-in mechanism named [addon-framework](https://github.com/open-cluster-management-io/addon-framework) diff --git a/content/en/concepts/managedcluster.md b/content/en/concepts/managedcluster.md index dcb93ead..b8a84227 100644 --- a/content/en/concepts/managedcluster.md +++ b/content/en/concepts/managedcluster.md @@ -1,6 +1,6 @@ --- title: ManagedCluster -weight: 2 +weight: 3 --- diff --git a/content/en/concepts/managedclusterset.md b/content/en/concepts/managedclusterset.md index c5559c23..a76c22e5 100644 --- a/content/en/concepts/managedclusterset.md +++ b/content/en/concepts/managedclusterset.md @@ -1,6 +1,6 @@ --- title: ManagedClusterSet -weight: 2 +weight: 4 --- diff --git a/content/en/concepts/manifestwork.md b/content/en/concepts/manifestwork.md index 6df971f7..822f5c28 100644 --- a/content/en/concepts/manifestwork.md +++ b/content/en/concepts/manifestwork.md @@ -1,6 +1,6 @@ --- title: ManifestWork -weight: 2 +weight: 6 --- diff --git a/content/en/concepts/manifestworkreplicaset.md b/content/en/concepts/manifestworkreplicaset.md index 1d975807..87697124 100644 --- a/content/en/concepts/manifestworkreplicaset.md +++ b/content/en/concepts/manifestworkreplicaset.md @@ -1,6 +1,6 @@ --- title: ManifestWorkReplicaSet -weight: 3 +weight: 7 --- diff --git a/content/en/concepts/multicluster-controlplane.md b/content/en/concepts/multicluster-controlplane.md index ab32e770..370b08d9 100644 --- a/content/en/concepts/multicluster-controlplane.md +++ b/content/en/concepts/multicluster-controlplane.md @@ -1,6 +1,6 @@ --- title: Multicluster Control Plane -weight: 2 +weight: 10 --- diff --git a/content/en/concepts/placement.md b/content/en/concepts/placement.md index b2db5587..d520886a 100644 --- a/content/en/concepts/placement.md +++ b/content/en/concepts/placement.md @@ -1,6 +1,6 @@ --- title: Placement -weight: 3 +weight: 5 --- diff --git a/content/en/concepts/policy.md b/content/en/concepts/policy.md index 7ca7e009..221b459e 100644 --- a/content/en/concepts/policy.md +++ b/content/en/concepts/policy.md @@ -1,6 +1,6 @@ --- title: Policy -weight: 5 +weight: 9 --- diff --git a/content/zh/concepts/addon.md b/content/zh/concepts/addon.md index b4bcc51b..c7a0fd1d 100644 --- a/content/zh/concepts/addon.md +++ b/content/zh/concepts/addon.md @@ -1,8 +1,14 @@ --- title: 自定义插件 -weight: 4 +weight: 8 --- + + +{{< toc >}} + + + ## What is an add-on? Open-cluster-management has a built-in mechanism named [addon-framework](https://github.com/open-cluster-management-io/addon-framework) diff --git a/content/zh/concepts/clusterclaim.md b/content/zh/concepts/clusterclaim.md index b84841e1..e711f747 100644 --- a/content/zh/concepts/clusterclaim.md +++ b/content/zh/concepts/clusterclaim.md @@ -1,5 +1,5 @@ --- -title: ClusterClaim +title: 集群声明 weight: 2 --- @@ -32,7 +32,7 @@ to the status of `ManagedCluster`. Here is a `ClusterClaim` example specifying a `id.k8s.io`: -``` +```yaml apiVersion: cluster.open-cluster-management.io/v1alpha1 kind: ClusterClaim metadata: @@ -44,7 +44,7 @@ spec: After applying the `ClusterClaim` above to any managed cluster, the value of the `ClusterClaim` is reflected in the `ManagedCluster` on the hub cluster: -``` +```yaml apiVersion: cluster.open-cluster-management.io/v1 kind: ManagedCluster metadata: ... diff --git a/content/zh/concepts/managedcluster.md b/content/zh/concepts/managedcluster.md index 38e7c3f5..19090047 100644 --- a/content/zh/concepts/managedcluster.md +++ b/content/zh/concepts/managedcluster.md @@ -1,6 +1,6 @@ --- title: 托管集群 -weight: 2 +weight: 3 --- @@ -56,7 +56,7 @@ command-line tool `clusteradm` to manage the whole registration process. When we're registering a new cluster into OCM, the registration agent will be starting by creating an unaccepted `ManagedCluster` into the hub cluster along with a temporary [CertificateSigningRequest (CSR)](https://kubernetes.io/docs/reference/access-authn-authz/certificate-signing-requests/) -resource. The cluster will be accepted by the hub control plan, if the +resource. The cluster will be accepted by the hub control plane, if the following requirements is meet: - The CSR is approved and signed by any certificate provider setting filling diff --git a/content/zh/concepts/managedclusterset.md b/content/zh/concepts/managedclusterset.md index e7c90e29..338fbbfe 100644 --- a/content/zh/concepts/managedclusterset.md +++ b/content/zh/concepts/managedclusterset.md @@ -1,6 +1,6 @@ --- title: 托管集群分组 -weight: 2 +weight: 4 --- diff --git a/content/zh/concepts/manifestwork.md b/content/zh/concepts/manifestwork.md index 927720bb..dc7dd822 100644 --- a/content/zh/concepts/manifestwork.md +++ b/content/zh/concepts/manifestwork.md @@ -1,6 +1,6 @@ --- title: 资源下发 -weight: 2 +weight: 6 --- diff --git a/content/zh/concepts/manifestworkreplicaset.md b/content/zh/concepts/manifestworkreplicaset.md new file mode 100644 index 00000000..39672e60 --- /dev/null +++ b/content/zh/concepts/manifestworkreplicaset.md @@ -0,0 +1,168 @@ +--- +title: 资源下发组 +weight: 7 +--- + + + +{{< toc >}} + + + +## What is `ManifestWorkReplicaSet` + +`ManifestWorkReplicaSet` is an aggregator API that use [Manifestwork](https://github.com/open-cluster-management-io/open-cluster-management-io.github.io/blob/main/content/en/concepts/manifestwork.md) and [Placement](https://github.com/open-cluster-management-io/open-cluster-management-io.github.io/blob/main/content/en/concepts/placement.md) to create manifeswork for the placement selected clusters. + +An example of `ManifestWorkReplicaSet` to deploy a CronJob and Namespace for a group of clusters selected by a placement. + +```yaml +apiVersion: work.open-cluster-management.io/v1alpha1 +kind: ManifestWorkReplicaSet +metadata: + name: mwrset-cronjob + namespace: ocm-ns +spec: + placementRefs: + - name: placement-byname # Name of a created Placement + manifestWorkTemplate: + deleteOption: + propagationPolicy: SelectivelyOrphan + selectivelyOrphans: + orphaningRules: + - group: '' + name: ocm-ns + namespace: '' + resource: Namespace + manifestConfigs: + - feedbackRules: + - jsonPaths: + - name: lastScheduleTime + path: .status.lastScheduleTime + - name: lastSuccessfulTime + path: .status.lastSuccessfulTime + type: JSONPaths + resourceIdentifier: + group: batch + name: sync-cronjob + namespace: ocm-ns + resource: cronjobs + workload: + manifests: + - kind: Namespace + apiVersion: v1 + metadata: + name: ocm-ns + - kind: CronJob + apiVersion: batch/v1 + metadata: + name: sync-cronjob + namespace: ocm-ns + spec: + schedule: '* * * * *' + concurrencyPolicy: Allow + suspend: false + jobTemplate: + spec: + backoffLimit: 2 + template: + spec: + containers: + - name: hello + image: 'quay.io/prometheus/busybox:latest' + args: + - /bin/sh + - '-c' + - date; echo Hello from the Kubernetes cluster +``` +The placement reference must be in the same namespace as the manifestWorkReplicaSet. + +## Status tracking + +Assuming the used placement reference in the previous example **plcament-byname** has 10 clusters selected. The manifestWorkReplicaSet monitor the Placement selected clusters and create/delete manifestWork for the placement clusters's. The ManifestWorkReplicaSet track the status conditions of the created manifestWorks and report a summery for all manifestWorks status in the manifestWorkReplicaSet status. + +The manifestWorkReplicaSet has two status conditions; +1. **PlacementVerified** to verify the placementRefs (not exist or empty cluster selection). +1. **ManifestWorkApplied** to verify all the created manifestWork status conditions (applied, progressing, degraded or available). + +Here is an example. + +```yaml +apiVersion: work.open-cluster-management.io/v1alpha1 +kind: ManifestWorkReplicaSet +metadata: + name: mwrset-cronjob + namespace: ocm-ns +spec: + placementRefs: + - name: placement-byname # Name of a created Placement + manifestWorkTemplate: + ... +status: + conditions: + - lastTransitionTime: '2023-04-27T02:30:54Z' + message: '' + reason: AsExpected + status: 'True' + type: PlacementVerified + - lastTransitionTime: '2023-04-27T02:30:54Z' + message: '' + reason: AsExpected + status: 'True' + type: ManifestworkApplied + summary: + applied: 10 + available: 10 + progressing: 0 + degraded: 0 + total: 10 +``` +## Release and Enable Feature + +ManifeastWorkReplicaSet is in alpha release and it is not enable by default. In order to enable the ManifeastWorkReplicaSet feature, it has to be enabled in the cluster-manager instance in the hub. Use the following command to edit the cluster-manager CR (custom resource) in the hub cluster. + +```shell +$ oc edit ClusterManager cluster-manager +``` +Add the workConfiguration field to the cluster-manager CR as below and save. + +```yaml +kind: ClusterManager +metadata: + name: cluster-manager +spec: + ... + workConfiguration: + featureGates: + - feature: ManifestWorkReplicaSet + mode: Enable +``` +In order to assure the ManifestWorkReplicaSet has been enabled successfully check the cluster-manager using the command below + +```shell +$ oc get ClusterManager cluster-manager -o yml +``` +You should find under the status->generation the cluster-manager-work-controller deployment has been added as below + +```yaml +kind: ClusterManager +metadata: + name: cluster-manager +spec: + ... +status: + ... + generations: + ... + - group: apps + lastGeneration: 2 + name: cluster-manager-work-webhook + namespace: open-cluster-management-hub + resource: deployments + version: v1 + - group: apps + lastGeneration: 1 + name: cluster-manager-work-controller + namespace: open-cluster-management-hub + resource: deployments + version: v1 +``` diff --git a/content/zh/concepts/multicluster-controlplane.md b/content/zh/concepts/multicluster-controlplane.md new file mode 100644 index 00000000..3d754093 --- /dev/null +++ b/content/zh/concepts/multicluster-controlplane.md @@ -0,0 +1,91 @@ +--- +title: 多集群控制面 +weight: 10 +--- + + + +{{< toc >}} + + + +## What is `Multicluster Control Plane` +The multicluster control plane is a lightweight Open Cluster Manager (OCM) control plane that is easy to install and has a small footprint. It can be running anywhere with or without kubernetes environment to sever the OCM control plane capabilities. + +## Why use `Multicluster Control Plane` +1. Some kubernetes environments do not have CSR (e.g., EKS) so that the standard OCM control plane cannot be installed. The multicluster control plane can be able to install in these environments and expose the OCM control plane API via loadbalancer. + +2. Some users want to run multiple OCM control plane to isolate the data. The typical case is that the user wants to run one OCM control plane for production and another OCM control plane for development. The multicluster control plane can be able to install in the different namespace in a single cluster. Each multicluster control plane is running independently and serving the OCM control plane capabilities. + +3. Some users want to run OCM control plane without kubernetes environment. The multicluster control plane can be running in a standalone mode. for example, it can be running in a VM. Expose the control plane API to the outside so the managed clusters can register to it. + +## How to use `Multicluster Control Plane` + +### Start the standalone multicluster control plane + +You need build `multicluster-controlplane` in your local host. Following below steps to build the binary and start the multicluster control plane. + +```Shell +git clone https://github.com/open-cluster-management-io/multicluster-controlplane.git +cd multicluster-controlplane +make run +``` + +Once the control plane is running, you can access the control plane by using `kubectl --kubeconfig=./_output/controlplane/.ocm/cert/kube-aggregator.kubeconfig`. + +You can customize the control plane configurations by creating a config file and using the environment variable `CONFIG_DIR` to specify your config file directory. Please check [here](https://github.com/open-cluster-management-io/multicluster-controlplane#run-controlplane-as-a-local-binary) for details. + +### Install via clusteradm + +#### Install clusteradm CLI tool + +It's recommended to run the following command to download and install **the +latest release** of the `clusteradm` command-line tool: + +```shell +curl -L https://raw.githubusercontent.com/open-cluster-management-io/clusteradm/main/install.sh | bash +``` +#### Install multicluster control plane + +You can use `clusteradm init` to deploy the multicluster control plane in your kubernetes environment. + +1. Set the environment variable KUBECONFIG to your cluster kubeconfig path. For instance, create a new KinD cluster and deploy multicluster control plane in it. + +```Shell +export KUBECONFIG=/tmp/kind-controlplane.kubeconfig +kind create cluster --name multicluster-controlplane +export mc_cp_node_ip=$(kubectl get nodes -o=jsonpath='{.items[0].status.addresses[?(@.type=="InternalIP")].address}') +``` + +2. Run following command to deploy a control plane + +```Shell +clusteradm init --singleton=true --set route.enabled=false --set nodeport.enabled=true --set nodeport.port=30443 --set apiserver.externalHostname=$mc_cp_node_ip --set apiserver.externalPort=30443 --singleton-name multicluster-controlplane +``` +Refer to [here](https://github.com/open-cluster-management-io/multicluster-controlplane#use-helm-to-deploy-controlplane-in-a-cluster) for how to customize the control plane configurations. + +3. Get the control plane kubeconfig by running the following command: + +```Shell +kubectl -n multicluster-controlplane get secrets multicluster-controlplane-kubeconfig -ojsonpath='{.data.kubeconfig}' | base64 -d > /tmp/multicluster-controlplane.kubeconfig +``` + +### Join a cluster to the multicluster control plane + +You can use `clusteradm` to join a cluster. For instance, take the KinD cluster as an example, run the following command to join the cluster to the control plane: + +```Shell +kind create cluster --name cluster1 --kubeconfig /tmp/kind-cluster1.kubeconfig +clusteradm --kubeconfig=/tmp/multicluster-controlplane.kubeconfig get token --use-bootstrap-token +clusteradm --singleton=true --kubeconfig /tmp/kind-cluster1.kubeconfig join --hub-token --hub-apiserver https://$mc_cp_node_ip:30443/ --cluster-name cluster1 +clusteradm --kubeconfig=/tmp/multicluster-controlplane.kubeconfig accept --clusters cluster1 +``` + +### Verify the cluster join +Run this command to verify the cluster join: +```Shell +kubectl --kubeconfig=/tmp/multicluster-controlplane.kubeconfig get managedcluster +NAME HUB ACCEPTED MANAGED CLUSTER URLS JOINED AVAILABLE AGE +cluster1 true https://cluster1-control-plane:6443 True True 5m25s +``` +You should see the managedcluster joins to the multicluster control plane. Congratulation! diff --git a/content/zh/concepts/placement.md b/content/zh/concepts/placement.md index e8647f12..c1bd52d4 100644 --- a/content/zh/concepts/placement.md +++ b/content/zh/concepts/placement.md @@ -1,6 +1,6 @@ --- title: 匹配路由 -weight: 3 +weight: 5 --- diff --git a/content/zh/concepts/policy.md b/content/zh/concepts/policy.md index 7ca7e009..221b459e 100644 --- a/content/zh/concepts/policy.md +++ b/content/zh/concepts/policy.md @@ -1,6 +1,6 @@ --- title: Policy -weight: 5 +weight: 9 --- diff --git a/i18n/en.toml b/i18n/en.toml index 1d50b4fa..e02e0af4 100644 --- a/i18n/en.toml +++ b/i18n/en.toml @@ -79,20 +79,23 @@ other = "Concepts" [sidebar_architecture] other = "Architecture" -[sidebar_managed_cluster] -other = "ManagedCluster" - [sidebar_cluster_claim] other = "ClusterClaim" +[sidebar_managed_cluster] +other = "ManagedCluster" + [ sidebar_managed_cluster_set ] other = "ManagedClusterSet" +[sidebar_placement] +other = "Placement" + [sidebar_manifest_work] other = "ManifestWork" -[sidebar_placement] -other = "Placement" +[sidebar_manifest_work_replicaset] +other = "ManifestWorkReplicaSet" [sidebar_addons] other = "Add-ons" @@ -100,6 +103,9 @@ other = "Add-ons" [sidebar_policy] other = "Policy" +[sidebar_multicluster_controlplane] +other = "Multicluster Control Plane" + [sidebar_getting_started] other = "Getting Started" diff --git a/i18n/zh.toml b/i18n/zh.toml index 700cb6be..f74a66e9 100644 --- a/i18n/zh.toml +++ b/i18n/zh.toml @@ -79,20 +79,23 @@ other = "概念" [sidebar_architecture] other = "架构" -[sidebar_managed_cluster] -other = "托管集群" - [sidebar_cluster_claim] other = "集群声明" +[sidebar_managed_cluster] +other = "托管集群" + [ sidebar_managed_cluster_set ] other = "托管集群分组" +[sidebar_placement] +other = "匹配路由" + [sidebar_manifest_work] other = "资源下发" -[sidebar_placement] -other = "匹配路由" +[sidebar_manifest_work_replicaset] +other = "资源下发组" [sidebar_addons] other = "自定义插件" @@ -100,6 +103,9 @@ other = "自定义插件" [sidebar_policy] other = "Policy" +[sidebar_multicluster_controlplane] +other = "多集群控制面" + [sidebar_getting_started] other = "安装" diff --git a/themes/ocmTheme/layouts/partials/sidebar.html b/themes/ocmTheme/layouts/partials/sidebar.html index ea24de02..a822b6a0 100644 --- a/themes/ocmTheme/layouts/partials/sidebar.html +++ b/themes/ocmTheme/layouts/partials/sidebar.html @@ -24,21 +24,27 @@
  • {{ i18n "sidebar_managed_cluster" }}
    • -
  • - {{ i18n "sidebar_manifest_work" }} -
  • {{ i18n "sidebar_managed_cluster_set" }}
  • {{ i18n "sidebar_placement" }}
    • +
  • + {{ i18n "sidebar_manifest_work" }} +
    • +
  • + {{ i18n "sidebar_manifest_work_replicaset" }} +
  • {{ i18n "sidebar_addons" }}
  • {{ i18n "sidebar_policy" }}
    • +
  • + {{ i18n "sidebar_multicluster_controlplane" }} +