Skip to content

Spike current Migration Design/Code #1449

New issue
New issue
Open
Open
Spike current Migration Design/Code#1449
@yanmxa

Description

@yanmxa
yanmxa
opened on Mar 6, 2025

Manager

  1. Watch MCM/MSA in GH namespace
    • Create the MSA in the “To” hub
    • Send to “To” hub cluster with the msa info(name), with klusterletaddonconfig if it exists in the annotation!
    • Delete the MSA when deleting the MCM
  2. Watch MSA in To hub cluster namespace
    • Wait until the sa secret for the MSA is ready -> BootstrapSecret ”bootstrap-”
    • Generate the KlusterletConfig - ”migration-” which contain the above bootstrap-secret information
    • Send to “From” hub cluster with info: bootstrap-secret, klusterletConfig, managed-clusters
    • Send to “To” hub cluster with msa info again? with klusterletaddonconfig if it exists in the annotation!

Agent

  1. “From” hub cluster - Receive the Event(bootstrap-secret,klusterletConfig, managed-clusters)

    • Ensure the bootstrap-secret, KlusterletConfig
    • Add annotation(agent.open-cluster-management.io/klusterlet-config) to managedcluster cr to let it ues the
    • klusterletConfig: migration- Also add a mark to indicate the mcl is migrating
    • Send the KlusterletAddonConfig of the migrating mcl to GH one by one -> can create the resource on the target cluster direclty?
    • The manager received the KlusterletAddonConfig(it should have more than one), add it to the MCM annotation!
    • Wait 10 seconds to ensure the klusterletconfig is applied -> ensure the hub propagate the klusterconfig into these managed clusters?
    • Set all the hubAcceptClient of the mcl to false on the “From Hub” cluster -> trigger the klusterlet-agent to use the configured bootstrap server
    • Wait 10 seconds again -> connect to the new hub
    • Detach the managed clusters(hubAccpetClient -> false on the “From”

  2. “To” hub cluster - Receive the to Event(with MSA info, KlusterletAddonConfig)

    • AutoApprove the CSR created by SA(MSA) -> enable the registration feature: ManagedClusterAutoApproval and add the user to autoApproveUsers List
    • Create the ClusterRole"multicluster-global-hub-migration:": Create subjectaccessreviews for the SA, only to check whether you have the permission to …?
    • Binding to the SA with clusterRole: "multicluster-global-hub-migration:"
    • Binding the ClusterRole "system:open-cluster-management:managedcluster:bootstrap:agent-registration" to the SA(MSA)
    • Create the KlusterletAddonConfig

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions