Networks (Groups of Clusters)

A Network is simply a group of clusters that are managed together. To manage them as a group, they are connected and communicate over a L7 Virtual Application Network. Every Network has 1 'hub' cluster and N x 'edge' clusters. The edge clusters call home to the hub cluster, so they do not need to have their Kubernetes API exposed.

Creating a Network

To create a Network, do one of the following:

  • click on the "New -> Network" at the top of the page
  • click on the "*" next to the Networks page in the left Nav bar
  • click on the "Click to Create Network" at the top of the Network page

alt text

Choose a Network Name and Features

alt text

App of Apps Enabled Network

If you select an "App of Apps = "Yes" enabled network, you will then be asked to indicate a Git Repo and path for KAOPS to write your AppOfApps manifests. The reason we do this is that AppOfApps pattern allows you to specify the order in which Apps are deployed to a cluster, using Sync waves. Even if you enable AppOfApps at the Network level, you can still decide which Apps will use sync waves when you create Apps in KAOPS (Appllications)

Then click next...

Attaching a Hub Cluster

On the 2nd page, you will

  1. select a 'hub' cluster for the network, from your list of unattached clusters.

  2. Select the namespace in which the KAOPS agent will be installed in the hub cluster. YOu should put KAOPS agent in a separate namespace so that it can be removed cleanly later, if necessary.

  3. Select a Hub KAOPS Agent service type. This wil determine how the KAOPS agent is exposed in the 'hub' cluster, and how all edges will connect to it. Consider the following types

NodePort Hub Service Type

This is for test scenarios where the KAOPS agent uses a NodePort service in the hub cluster for edge clusters to connect to.

  • Select Nodeport
  • Set the "Override Hub Cluster External IP Address" to the IP address of the hub cluster
    • NOTE: if using a minikube --driver=none, this is the same IP address of the server running the minikube
  • Set the avaialbe TCP ports open Inbound to the hub cluster.
    • NOTE: if you don't have a firewall between your edge clusters and hub cluster, then this is not important.

This will result in the following Network creation... alt text

Ingress Hub Service Type

This is for scenarios where the KAOPS agent in the hub cluster uses an ingress (and ingress controller) for edge clusters to connect to. In this case, we will install an Nginx ingress controller and cert manager in the hub cluster. This allows you to use Fully Qualified Domain Names and the DNS service of your choice to connect to hubs cluster, and consume ingress services (like Grafana, ArgoCD UI, Kubernetes Dashboard, etc)

  • Select Ingress
  • You must create a DNS entry to associate your ingress domain/URI with the IP address or FQDN of your hub cluster.
  • Note: You must allow inbound port 443 open in the hub cluster sites, and port 443 open outbound in the edge cluster sites for this to work.

This will result in the following Network creation...

alt text

NOTE: The DNS check will help you setup your DNS correctly.

Attaching Edge Clusters

You can attach as many edge clusters to the Network as you like by selecting "..." -> Attach an Edge Cluster.

Do this for both the dev and prod clusters, which will result in this...

Installing KAOPS Agents into your Clusters

The final steps to managing your clusters with KAOPS, is to install the KAOPS agent in your clusters. To do this, get the install instructions for a cluster, starting with your hub cluster, and paste them into the terminal where you use 'kubectl' to manage your clusters.

alt text

This will:

  • Set your context
  • Download the yaml for KAOPS agent install
  • Apply the yaml to the cluster
  • KAOPS agent will access your KAOPS Backend account

If the agent is installed properly, and connects to the KAOPS backend, you should see the status go to 'UP'. And you are now ready to install yoru edge clusters using the same method.

alt text

Deleting a Network and Detaching Clusters

You will eventually have a Network running with multiple clusters, applications, secrets, IaC and other things distrbuted to those cluster, and may want to delete the Network or detach Clusters. You can do that with the following...

alt text

When you detach an edge cluster, KAOPS will:

  • remove tags from the attached cluster
  • UN-distirbute Apps, sealedSecrets, IaC
  • Delete the KAOPS Agent and all tools in the Cluster
  • Detach the Cluster from the Network

When you delete a Network, KAOPS will do this for all Clusters in the Network, and then delete the Network.

You can check the Delete progress by trying to Delete a second time. If there are problems deleting the resources, you have a Force Delete option which will immediately remove the Network and/or Clusters from your account.
NOTE: you may have to cleanup leftover resrouces in the Clusters using kubectl. So, it is best to be patient while resources are being deleted.