1#Cluster Controller
2
3The cluster controller reconciles on create and update of a `cluster` resource.
4For a cluster of type GKE a container cluster and a container node pool is created.
5For any other type cluster, a fluentbit config map is generated and added to a synced object.
6
7## Synced Objects
8
9A SyncedObject resource allow us to specify resources that will be sync by flux using chiarot.
10The SyncedObject controller is responsible to call chariot using the information in the SyncedObject resource.
11
12
13## Plugins
14Plugins allow us to add functionality to the cluster controller without modify it, to create a plugin follow the steps below:
15
161) Implement the `ClusterRegistrationPlugin` interface below found in `controllers/clusterctl/pkg/plugins/plugins.go`
17```go
18type ClusterRegistrationPlugin interface {
19 Reconcile(ctx context.Context, cl client.Client, log logr.Logger, cluster *clusterApi.Cluster) (ctrl.Result, error)
20 Component() string // returns the name of the component that owns the created resources
21}
22```
23
242) Register the plugins in `controllers/clusterctl/controller.go`
25```go
26// registerPlugins add new plugins here to be automatically executed by controller.
27func registerPlugins() {
28 plugins.Register(clusterctlplugin.AgentMonitoringSAPlugin{
29 SecretManagerProvider: func(ctx context.Context, projectID string) (types.SecretManagerService, error) {
30 return secretMgrApi.NewWithOptions(ctx, projectID)
31 },
32 })
33}
34```
35
363) Add kubebuilder rbac annotations in `controllers/clusterctl/cluster_controller.go` to create role needed by your plugin.
37Once done, run `just update-manifest` to generate those roles.
38```go
39// +kubebuilder:rbac:groups=edge.ncr.com,resources=clusters,verbs=get;list;watch
40// +kubebuilder:rbac:groups=edge.ncr.com,resources=clusters/status,verbs=get
41// +kubebuilder:rbac:groups=edge.ncr.com,resources=syncedobjects,verbs=create;get;list;update;patch;watch
42// +kubebuilder:rbac:groups=edge.ncr.com,resources=syncedobjects/status,verbs=get
43// +kubebuilder:rbac:groups="container.cnrm.cloud.google.com",resources=containerclusters,verbs=create;get;list;update;patch;watch
44// +kubebuilder:rbac:groups="container.cnrm.cloud.google.com",resources=containerclusters/status,verbs=get
45// +kubebuilder:rbac:groups="iam.cnrm.cloud.google.com",resources=iamserviceaccounts;iamserviceaccountkeys;iampolicymembers,verbs=get;list;create;update;patch;watch
46// +kubebuilder:rbac:groups="iam.cnrm.cloud.google.com",resources=iamserviceaccounts/status;iamservicecaccountkeys/status;iampolicymembers/status,verbs=get
47```
View as plain text