Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spike current Migration Design/Code #1449

Open
yanmxa opened this issue Mar 6, 2025 · 0 comments
Open

Spike current Migration Design/Code #1449

yanmxa opened this issue Mar 6, 2025 · 0 comments

Comments

@yanmxa
Copy link
Member

yanmxa commented Mar 6, 2025

Manager

  1. Watch MCM/MSA in GH namespace
    • Create the MSA in the “To” hub
    • Send to “To” hub cluster with the msa info(name), with klusterletaddonconfig if it exists in the annotation!
    • Delete the MSA when deleting the MCM
  2. Watch MSA in To hub cluster namespace
    • Wait until the sa secret for the MSA is ready -> BootstrapSecret ”bootstrap-”
    • Generate the KlusterletConfig - ”migration-” which contain the above bootstrap-secret information
    • Send to “From” hub cluster with info: bootstrap-secret, klusterletConfig, managed-clusters
    • Send to “To” hub cluster with msa info again? with klusterletaddonconfig if it exists in the annotation!

Agent

  1. “From” hub cluster - Receive the Event(bootstrap-secret,klusterletConfig, managed-clusters)

    • Ensure the bootstrap-secret, KlusterletConfig
    • Add annotation(agent.open-cluster-management.io/klusterlet-config) to managedcluster cr to let it ues the
    • klusterletConfig: migration- Also add a mark to indicate the mcl is migrating
    • Send the KlusterletAddonConfig of the migrating mcl to GH one by one -> can create the resource on the target cluster direclty?
    • The manager received the KlusterletAddonConfig(it should have more than one), add it to the MCM annotation!
    • Wait 10 seconds to ensure the klusterletconfig is applied -> ensure the hub propagate the klusterconfig into these managed clusters?
    • Set all the hubAcceptClient of the mcl to false on the “From Hub” cluster -> trigger the klusterlet-agent to use the configured bootstrap server
    • Wait 10 seconds again -> connect to the new hub
    • Detach the managed clusters(hubAccpetClient -> false on the “From”

  2. “To” hub cluster - Receive the to Event(with MSA info, KlusterletAddonConfig)

    • AutoApprove the CSR created by SA(MSA) -> enable the registration feature: ManagedClusterAutoApproval and add the user to autoApproveUsers List
    • Create the ClusterRole"multicluster-global-hub-migration:": Create subjectaccessreviews for the SA, only to check whether you have the permission to …?
    • Binding to the SA with clusterRole: "multicluster-global-hub-migration:"
    • Binding the ClusterRole "system:open-cluster-management:managedcluster:bootstrap:agent-registration" to the SA(MSA)
    • Create the KlusterletAddonConfig
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yanmxa