kamaji icon indicating copy to clipboard operation
kamaji copied to clipboard

Published 20 hours ago verified publisher icon clastix

Feature Request: enable deployments on tenant clusters via fluxcd

Open curx opened this issue 2 years ago • 9 comments

Description:

It would a feature to enable the fluxcd on the kamaji cluster to deploy workload at the tenant. Since fluxcd[1] has the feature to use the created kubeconfig from the tenant kubeconfig secret.

[1] https://fluxcd.io/docs/components/helm/helmreleases/#remote-clusters--cluster-api

curx avatar Aug 15 '22 12:08 curx

the needed info is to set the correct key admin.conf for fluxcd, e.g.

---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
  name: cilium
  namespace: tenant
spec:
  interval: 1m0s
  url: https://helm.cilium.io/
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: cilium
  namespace: tenant
spec:
  storageNamespace: kube-system
  chart:
    spec:
      chart: cilium
      sourceRef:
        kind: HelmRepository
        name: cilium
        namespace: tenant
  interval: 5m0s
  kubeConfig:
    secretRef:
      name: cluster1-admin-kubeconfig  # the created kubeconfig
      key: admin.conf                  # set the key for kubeconfig
  targetNamespace: kube-system
  install:
    remediation:
      retries: -1

curx avatar Aug 15 '22 17:08 curx

Hey @curx, thanks for opening this FR and sharing with us the way to achieve it!

Would be great having this documented as a MD file that we could use lately for a broader documentation, do you mind if we mark this as a doc related PR and assigning it to you?

prometherion avatar Aug 16 '22 06:08 prometherion

Hi @prometherion sure, reopened it to address it to me.

curx avatar Aug 17 '22 10:08 curx

Hi @curx, any update on this, or anything I can do to help you?

We'd love to release the v0.0.2 of Kamaji in the upcoming week and documenting this would be awesome!

prometherion avatar Sep 07 '22 06:09 prometherion

Due to the missing activity, asking @maxgio92 if you can assist with this due to your wide experience on FluxCD.

prometherion avatar Sep 12 '22 08:09 prometherion

Sure @prometherion can definitely do it.

I see this as a way to prepare a tenant cluster with further software. As a detail, this would be responsibilty of the admin cluster manager and the GitOps operator is supposed to be installed on the admin cluster.

Likewise, the tenant can easily install a GitOps operator in its own cluster (i.e. Flux) and make it apply resources.

Are we on the same page?

maxgio92 avatar Sep 19 '22 09:09 maxgio92

Are we on the same page?

We do!

prometherion avatar Sep 20 '22 12:09 prometherion

Please @curx, if you're not able to take care of this documentation enhancement let us know.

prometherion avatar Sep 20 '22 12:09 prometherion

Sorry for the late reply - but I can work on this topic next week again

On Tue, Sep 20, 2022 at 2:40 PM Dario Tranchitella @.***> wrote:

Please @curx https://github.com/curx, if you're not able to take care of this documentation enhancement let us know.

— Reply to this email directly, view it on GitHub https://github.com/clastix/kamaji/issues/121#issuecomment-1252297014, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAGV3CQEW5AYWTJPDMFZ34LV7GWE7ANCNFSM56SCJKWQ . You are receiving this because you were mentioned.Message ID: @.***>

curx avatar Sep 21 '22 08:09 curx