Setting a managed cluster

Granting access to source and destination cluster

Introduction

Connection to both the source and destination clusters is set using the ManagedCluster resource. Credentials are stored in Kubernetes secrets from which the ManagedCluster collection access to connect to the clusters.

Requirements

  • The kubeconfig file to access as read-only to the source cluster
  • The kubeconfig file to access as cluster-admin to the destination cluster
  • The Secret provided by AstroKube to access the Image Registry

Process

1. Prepare

Create Namespace

Create the namespace to configure the recovery process:

kubectl create namespace <namespace_name>

Setup registry credentials

Create the Secret that stores the credentials to the AstroKube image registry:

kubectl -n <namespace_name> create -f pull-secret.yaml

2. Configure the source Cluster

Create secret

Get the kubeconfig file that can be used to access the cluster, and save it as source-kubeconfig.yaml.

Then create the Secret with the following command:

kubectl -n <namespace_name> create secret generic source --from-file=kubeconfig.yaml=source-kubeconfig.yaml

Create resource

Define the ManagedCluster resource with the following YAML, and save it as managedcluster.yaml:

apiVersion: dr.astronetes.io/v1alpha1
kind: ManagedCluster
metadata:
  name: source
  namespace: <namespace_name>
spec:
  secretRef:
    name: source
    namespace: <namespace_name>

Deploy the resource with the following command:

kubectl create -f managedcluster.yaml

3. Configure the destination Cluster

Create secret

Get the kubeconfig file that can be used to access the cluster, and save it as destination-kubeconfig.yaml.

Then create the Secret with the following command:

kubectl -n <namespace_name> create secret generic destination --from-file=kubeconfig.yaml=destination-kubeconfig.yaml

Create resource

Define the ManagedCluster resource with the following YAML, and save it as managedcluster.yaml:

apiVersion: dr.astronetes.io/v1alpha1
kind: ManagedCluster
metadata:
  name: destination
  namespace: <namespace_name>
spec:
  secretRef:
    name: destination
    namespace: <namespace_name>

Deploy the resource with the following command:

kubectl create -f managedcluster.yaml