diff --git a/charts/clusternet-agent/Chart.yaml b/charts/clusternet-agent/Chart.yaml index b54f2ee..e7bd6c0 100644 --- a/charts/clusternet-agent/Chart.yaml +++ b/charts/clusternet-agent/Chart.yaml @@ -33,7 +33,7 @@ kubeVersion: "" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.3.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/clusternet-agent/README.md b/charts/clusternet-agent/README.md index 44200c1..9e73b88 100644 --- a/charts/clusternet-agent/README.md +++ b/charts/clusternet-agent/README.md @@ -3,8 +3,8 @@ ## TL;DR ```console -helm repo add clusternet https://clusternet.github.io/charts -helm install clusternet-agent -n clusternet-system --create-namespace \ +$ helm repo add clusternet https://clusternet.github.io/charts +$ helm install clusternet-agent -n clusternet-system --create-namespace \ --set parentURL=PLEASE-CHANGE-ME \ --set registrationToken=PLEASE-CHANGE-ME \ clusternet/clusternet-agent @@ -13,12 +13,23 @@ helm install clusternet-agent -n clusternet-system --create-namespace \ Please update `PLEASE-CHANGE-ME` to your valid configurations, such as, ```console -helm install clusternet-agent -n clusternet-system --create-namespace \ +$ helm install clusternet-agent -n clusternet-system --create-namespace \ --set parentURL=https://192.168.10.10:6443 \ --set registrationToken=07401b.f395accd246ae52d \ clusternet/clusternet-agent ``` +**Note:** If bootstrapping authentication is **not supported** by the kube-apiserver in parent cluster (like k3s) , i.e. `--enable-bootstrap-token-auth=false` (which defaults to be false), please use serviceaccount token instead. + +[Click here to get the serviceaccount token from parent cluster.](../clusternet-hub/README.md#get-serviceaccount-token-from-parent-cluster) + +```console +$ helm install clusternet-agent -n clusternet-system --create-namespace \ + --set parentURL=https://192.168.10.10:6443 \ + --set registrationToken=Parent-Cluster-ServiceAccount-Token \ + clusternet/clusternet-agent +``` + ## Introduction `clusternet-agent` is responsible for diff --git a/charts/clusternet-hub/Chart.yaml b/charts/clusternet-hub/Chart.yaml index 57dbda1..db739d9 100644 --- a/charts/clusternet-hub/Chart.yaml +++ b/charts/clusternet-hub/Chart.yaml @@ -31,7 +31,7 @@ kubeVersion: "" # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.3.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/clusternet-hub/README.md b/charts/clusternet-hub/README.md index 68d8fca..9c0aefb 100644 --- a/charts/clusternet-hub/README.md +++ b/charts/clusternet-hub/README.md @@ -3,9 +3,30 @@ ## TL;DR ```console -helm repo add clusternet https://clusternet.github.io/charts -helm install clusternet-hub -n clusternet-system --create-namespace clusternet/clusternet-hub -kubectl apply -f https://raw.githubusercontent.com/clusternet/clusternet/main/manifests/samples/cluster_bootstrap_token.yaml +$ helm repo add clusternet https://clusternet.github.io/charts +$ helm install clusternet-hub -n clusternet-system --create-namespace clusternet/clusternet-hub +``` + +### Create Auth Token + +- If bootstrapping authentication is supported, i.e. `--enable-bootstrap-token-auth=true` is explicitly set in the kube-apiserver running in parent cluster. + +```console +$ kubectl apply -f https://raw.githubusercontent.com/clusternet/clusternet/main/manifests/samples/cluster_bootstrap_token.yaml +``` + +- If bootstrapping authentication is **not supported** by the kube-apiserver in parent cluster (like k3s) , i.e. `--enable-bootstrap-token-auth=false` (which defaults to be false), please use serviceaccount token instead. + +```console +# this will create a serviceaccount token +$ kubectl apply -f https://raw.githubusercontent.com/clusternet/clusternet/main/manifests/samples/cluster_serviceaccount_token.yaml +``` + +### Get ServiceAccount Token from parent cluster + +```console +$ kubectl get secret -n clusternet-system -o=jsonpath='{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name=="cluster-bootstrap-use")].data.token}' | base64 --decode; echo +HERE WILL OUTPUTS A LONG STRING. PLEASE REMEMBER THIS. ``` ## Introduction