feat(docs): how to assign a specific address to tcp

2026-02-14 18:10:03 +00:00 · 2025-03-27 07:10:40 +01:00
parent c91b4b3674
commit 05aad8ce56
1 changed files with 44 additions and 35 deletions
--- a/docs/content/getting-started/getting-started.md
+++ b/docs/content/getting-started/getting-started.md
@@ -1,8 +1,8 @@
 # Getting started with Kamaji
 This guide will lead you through the process of creating a working Kamaji setup on a generic infrastructure.

-!!! warning ""
-    The material here is relatively dense. We strongly encourage you to dedicate time to walk through these instructions, with a mind to learning. We do NOT provide any "one-click" deployment here. However, once you've understood the components involved it is encouraged that you build suitable, auditable GitOps deployment processes around your final infrastructure.
+!!! info "Slow Start"
+    The material here is relatively dense. We strongly encourage you to dedicate time to walk through these instructions, with a mind to learning how Kamaji works. We do NOT provide any "one-click" deployment here. However, once you've understood the components involved it is encouraged that you build suitable, auditable GitOps deployment processes around your final infrastructure.

 The guide requires:

@@ -43,11 +43,11 @@ Throughout the following instructions, shell variables are used to indicate valu
 source kamaji.env
 ```

-Any regular and conformant Kubernetes v1.22+ cluster can be turned into a Kamaji setup. To work properly, the Management Clusterr should provide:
+Any regular and conformant Kubernetes v1.22+ cluster can be turned into a Kamaji setup. To work properly, the Management Cluster should provide:

 - CNI module installed, eg. [Calico](https://github.com/projectcalico/calico), [Cilium](https://github.com/cilium/cilium).
- CSI module installed with a Storage Class for the Tenant datastores. Local Persistent Volumes are an option.
- Support for LoadBalancer service type, eg. [MetalLB](https://metallb.universe.tf/), or a Cloud based controller.
+- CSI module installed with a Storage Class for the Tenant datastores. The [Local Path Provisioner](https://github.com/rancher/local-path-provisioner) is a suggested choice, even for production environments.
+- Support for LoadBalancer service type, eg. [MetalLB](https://metallb.universe.tf/), or cloud based.
 - Optionally, a Monitoring Stack installed, eg. [Prometheus](https://github.com/prometheus-community).

 Make sure you have a `kubeconfig` file with admin permissions on the cluster you want to turn into Kamaji Management Cluster and check you can access:
@@ -67,19 +67,12 @@ helm install \
  cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
-  --version v1.11.0 \
  --set installCRDs=true
 ```

 ## Install Kamaji Controller

-Installing Kamaji via Helm charts is the preferred way. Run the following commands to install a stable release of Kamaji:
-
-```bash
-helm repo add clastix https://clastix.github.io/charts
-helm repo update
-helm install kamaji clastix/kamaji -n kamaji-system --create-namespace
-```
+Installing Kamaji via Helm charts is the preferred way to deploy the Kamaji controller. The Helm chart is available in the `charts` directory of the Kamaji repository.

 !!! info "Stable Releases"
    As of July 2024 [Clastix Labs](https://github.com/clastix) does no longer publish stable release artifacts. Stable releases are offered on a subscription basis by [CLASTIX](https://clastix.io), the main Kamaji project contributor. 
@@ -140,22 +133,7 @@ spec:
        apiServer: []
        controllerManager: []
        scheduler: []
-      resources:
-        apiServer:
-          requests:
-            cpu: 250m
-            memory: 512Mi
-          limits: {}
-        controllerManager:
-          requests:
-            cpu: 125m
-            memory: 256Mi
-          limits: {}
-        scheduler:
-          requests:
-            cpu: 125m
-            memory: 256Mi
-          limits: {}
+      resources: {}
    service:
      additionalMetadata:
        labels:
@@ -182,11 +160,9 @@ spec:
    konnectivity:
      server:
        port: ${TENANT_PROXY_PORT}
-        resources:
-          requests:
-            cpu: 100m
-            memory: 128Mi
-          limits: {}
+        resources: {}
+      client:
+        resources: {}
 EOF

 kubectl -n ${TENANT_NAMESPACE} apply -f ${TENANT_NAMESPACE}-${TENANT_NAME}-tcp.yaml
@@ -198,7 +174,7 @@ After a few seconds, check the created resources in the tenants namespace and wh
 kubectl -n ${TENANT_NAMESPACE} get tcp,deploy,pods,svc

 NAME                           VERSION   STATUS   CONTROL-PLANE ENDPOINT   KUBECONFIG                   DATASTORE   AGE
-tenantcontrolplane/tenant-00   v1.25.2   Ready    192.168.32.240:6443      tenant-00-admin-kubeconfig   default     2m20s
+tenantcontrolplane/tenant-00   v1.32.2   Ready    192.168.32.240:6443      tenant-00-admin-kubeconfig   default     2m20s

 NAME                        READY   UP-TO-DATE   AVAILABLE   AGE
 deployment.apps/tenant-00   3/3     3            3           118s
@@ -216,6 +192,39 @@ The regular Tenant Control Plane containers: `kube-apiserver`, `kube-controller-

 The `LoadBalancer` service type is used to expose the Tenant Control Plane on the assigned `loadBalancerIP` acting as `ControlPlaneEndpoint` for the worker nodes and other clients as, for example, `kubectl`. Service types `NodePort` and `ClusterIP` are still viable options to expose the Tenant Control Plane, depending on the case. High Availability and rolling updates of the Tenant Control Planes are provided by the `tcp` Deployment and all the resources reconcilied by the Kamaji controller.

+### Assign a Specific Address to the Tenant Control Plane
+
+When a Tenant Control Plane is created, Kamaji waits for the LoadBalancer to provide an address, which it then assigns to the `ControlPlaneEndpoint` field of the Tenant Control Plane. This address is crucial as it allows worker nodes and tenant users to access the Tenant Control Plane. By default, the LoadBalancer controller in your management cluster dynamically selects this address and passes it to Kamaji through the `Service` resource.
+
+If you need to use a specific address for your Tenant Control Plane, you can specify it by setting the `tcp.spec.networkProfile.address` field in the Tenant Control Plane manifest. This optional field ensures that Kamaji uses your preferred address. However, if the specified address is unavailable, the Tenant Control Plane will remain in a `NotReady` state until the address becomes available.
+
+To ensure that the LoadBalancer controller uses your specified address for the Service, you'll need to use controller-specific annotations. For instance, if you're using MetalLB as your LoadBalancer controller, you can add the `metallb.universe.tf/loadBalancerIPs` annotation to your Service definition, allowing the LoadBalancer controller to select the specified address:
+
+```yaml
+apiVersion: kamaji.clastix.io/v1alpha1
+kind: TenantControlPlane
+metadata:
+  name: sample-tcp
+  labels:
+    tenant.clastix.io: sample-tcp
+spec:
+  controlPlane:
+    deployment:
+      replicas: 2
+    service:
+      serviceType: LoadBalancer
+      additionalMetadata:
+        annotations:
+          metallb.universe.tf/loadBalancerIPs: 172.18.255.104 # use this address
+  kubernetes:
+    version: "v1.30.0"
+    kubelet:
+      cgroupfs: systemd
+  networkProfile:
+    address: 172.18.255.104 # use this address
+    port: 6443
+```
+
 ### Working with Tenant Control Plane

 Collect the external IP address of the `tcp` service: