From web console:
- Operators > OperatorHub > Install
Advanced Cluster Management for Kubernetes(if not already installed) - Create a
MultiClusterHubinstance (when prompted) - Operators > Installed Operators > ACM > MultiClusterHub > Wait for Status
Running
oc create route passthrough search-api --service=search-search-api -n open-cluster-managementFor every managed cluster, create a namespace and a KlusterletAddonConfig with enabled searchCollector:
for i in {1..2}; do
oc new-project mgmt-spoke$i
oc apply -f - <<-EOF
apiVersion: agent.open-cluster-management.io/v1
kind: KlusterletAddonConfig
metadata:
name: mgmt-spoke$i
namespace: mgmt-spoke$i
spec:
searchCollector:
enabled: true
applicationManager:
enabled: true
certPolicyController:
enabled: true
iamPolicyController:
enabled: true
policyController:
enabled: true
EOF
done
oc project defaultoc create token oauth-apiserver-sa -n openshift-oauth-apiserver --duration=8760hPOST https://search-api-open-cluster-management.apps.oran-hub01.rdu-infra-edge.corp/searchapi/graphql
query mySearch($input: [SearchInput]) {
searchResult: search(input: $input) {
items,
}
}
# GraphQL vars
{"input":[
{
"filters":[
{"property":"kind","values":["Cluster"]}]
}
]}
- OperatorHub > Multicluster Global Hub Operator
- Create a MulticlusterGlobalHub CR (e.g. using the web console)
Edit the CSV:
oc -n multicluster-global-hub edit csv multicluster-global-hub-operator.v1.1.0-devAdd the following under 'containers.args':
- --global-resource-enabledNote: in order to test the functionality of the global hub, ACM should be installed on the spoke clusters.
Clone assisted-service:
git clone https://github.com/openshift/assisted-serviceInstall and configure LSO:
cd assisted-service/deploy/operator/
export DISKS=$(echo sd{b..f})
./libvirt_disks.sh create
./setup_lso.sh install_lso
./setup_lso.sh create_local_volume
oc patch storageclass assisted-service -p '{"metadata": {"annotations": {"storageclass.kubernetes.io/is-default-class": "true"}}}'Run minio (for S3 compatible object storage):
podman run -d -p 9000:9000 -p 9001:9001 -v ~/minio/data:/data
-e "MINIO_ROOT_USER=accessKey1" -e "MINIO_ROOT_PASSWORD=verySecretKey1"
quay.io/minio/minio server /data --console-address ":9001"oc create namespace open-cluster-management-observabilityDOCKER_CONFIG_JSON=`oc extract secret/pull-secret -n openshift-config --to=-`
oc create secret generic multiclusterhub-operator-pull-secret \
-n open-cluster-management-observability \
--from-literal=.dockerconfigjson="$DOCKER_CONFIG_JSON" \
--type=kubernetes.io/dockerconfigjson
oc apply -f thanos-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: thanos-object-storage
namespace: open-cluster-management-observability
type: Opaque
stringData:
thanos.yaml: |
type: s3
config:
bucket: test
endpoint: <host_ip>:9000
insecure: true
access_key: accessKey1
secret_key: verySecretKey1Note: change <host_ip>
oc apply -f mco.yaml
apiVersion: observability.open-cluster-management.io/v1beta2
kind: MultiClusterObservability
metadata:
name: "observability"
spec:
observabilityAddonSpec: {}
storageConfig:
metricObjectStorage:
name: thanos-object-storage
key: thanos.yaml
compactStorageSize: 50Gi
receiveStorageSize: 50Gi
advanced:
query:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
receive:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
rule:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
store:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
storeMemcached:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
queryFrontendMemcached:
resources:
limits:
cpu: 1
memory: 1Gi
replicas: 1
alertmanager:
replicas: 1export TOKEN=$(oc create token oauth-apiserver-sa -n openshift-oauth-apiserver --duration=8760h)curl -k -H "Authorization: Bearer $TOKEN" https://alertmanager-open-cluster-management-observability.apps.ostest.test.metalkube.org/api/v2/alerts | jq