cluster-relocation-operator

command module
v0.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 7, 2023 License: Apache-2.0 Imports: 11 Imported by: 0

README

cluster-relocation-operator

CI Status Tests

This is a community project, it is not supported by Red Hat in any way.

Description

This operator can assist in reconfiguring a cluster once it has been moved to a new location. It performs the following steps:

  • Update the API and Ingress domain aliases using a generated self-signed certificate, or using a user provided certificate.
  • Update the internal DNS records for the API and Ingress (SNO only).
  • (Optional) Update the cluster-wide pull secret.
  • (Optional) Add new SSH keys for the 'core' user.
  • (Optional) Add new CatalogSources.
  • (Optional) Add new ImageContentSoucePolicy/ImageDigestMirrorSets for mirroring.
  • (Optional) Add new trusted CA for a mirror registry.
  • (Optional) Register the cluster to ACM.

Applying the ClusterRelocation CR will cause the node(s) to reboot, since a MachineConfig is applied as part of the process.

Getting Started

You’ll need an OpenShift cluster to run against. The cluster must be v4.12 or higher.

Installing on the cluster
cat << EOF | oc apply -f -
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
  name: "cluster-relocation-operator"
  namespace: "openshift-operators"
spec:
  channel: "stable"
  installPlanApproval: "Automatic"
  source: "community-operators"
  sourceNamespace: "openshift-marketplace"
  name: "cluster-relocation-operator"
EOF

Once the operator is installed:

cat << EOF | oc apply -f -
apiVersion: rhsyseng.github.io/v1beta1
kind: ClusterRelocation
metadata:
  name: cluster
spec:
  domain: sample.new.domain.com
  acmRegistration:
    url: https://api.hub.example.com:6443
    clusterName: sample
    acmSecret:
      name: acm-secret
      namespace: openshift-config
    klusterletAddonConfig:
      policyController:
        enabled: true
      applicationManager:
        enabled: true
      certPolicyController:
        enabled: true
      iamPolicyController:
        enabled: true
      searchCollector:
        enabled: true
  catalogSources:
    - name: new-catalog-source
      image: <mirror_url>:<mirror_port>/redhat/redhat-operator-index:v4.12
  imageDigestMirrors:
    - mirrors:
        - <mirror_url>:<mirror_port>/lvms4
      source: registry.redhat.io/lvms4
  pullSecretRef:
    name: my-new-pull-secret
    namespace: my-namespace
  registryCert:
    registryHostname: <mirror_url>
    registryPort: 8443
    certificate: <new_registry_cert>
  sshKeys:
    - <new_ssh_key>
EOF
Deleting the CR

When you delete the ClusterRelocation CR, everything will be reverted back to its original state.

If you would like to delete the CR, but keep the relocation configuration, you may add the skip-finalizer: "true" annotation:

apiVersion: rhsyseng.github.io/v1beta1
kind: ClusterRelocation
metadata:
  name: cluster
  annotations:
    skip-finalizer: "true"

and then delete the CR like this:

oc delete clusterrelocation cluster --cascade=orphan

This will allow you to delete the CR (and the operator if desired), while keeping the new configuration.

Contributing

This is a community project, feel free to open a PR and help out!

How it works

This project aims to follow the Kubernetes Operator pattern.

It uses Controllers, which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.

Test It Out
  1. Install the CRDs into the cluster:
make install
  1. Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running):
make run

NOTE: You can also run this in one step by running: make install run

Modifying the API definitions

If you are editing the API definitions, generate the manifests such as CRs or CRDs using:

make manifests

NOTE: Run make --help for more information on all potential make targets

More information can be found via the Kubebuilder Documentation

License

Copyright 2023.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
api
v1beta1
Package v1beta1 contains API Schema definitions for the v1beta1 API group +kubebuilder:object:generate=true +groupName=rhsyseng.github.io
 Package v1beta1 contains API Schema definitions for the v1beta1 API group +kubebuilder:object:generate=true +groupName=rhsyseng.github.io
internal
acm
api
catalog
dns
ingress
mirror
pullSecret
registryCert
secrets
ssh
util

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.