Existing brownfield Kubernetes clusters, or clusters provisioned using the customer's existing process, can be imported into the controller either through a "GUI based Wizard" in the Web Console or "Fully Automated and Embedded" in a pipeline. Once successfully imported, the controller will:
- Provide visibility and monitoring into all aspects of the Kubernetes cluster.
- Provide users with secure KubeCTL access to the cluster.
- Manage the lifecycle of workloads on "imported clusters".
Users can import existing clusters into their Orgs by deploying the Kubernetes management operator on the clusters. This can be performed with either "kubectl" or "helm".
The diagram below shows the typical sequence of steps performed to successfully import a cluster into the Controller.
```mermaid
sequenceDiagram
    Admin->>Controller: Download "bootstrap.yaml"
    Admin->>Cluster: apply "bootstrap.yaml"
    Controller->>Cluster: Provision/Import Cluster (unique token)
    Cluster-->>Management Operator: Start Management Operator
    Note right of Management Operator: Generate CSR (with unique token)
    Management Operator-->>Controller: Send CSR
    Note left of Controller: Verify token and Sign CSR
    Controller->>Management Operator: Send Signed Certificate
    rect rgb(191, 223, 255)
    Management Operator->>+Controller: Establish long running mTLS connection
    Note left of Controller: Only accept connections with valid client certificate
    Controller->>-Management Operator: Uses secure connection for cluster operations
    end
```
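
The "Verify token and Sign CSR" step from the sequence above, sketched in Go as an added example; it is not the product's own code. Carrying the token in the CSR CommonName, the Ed25519 keys, the one-hour validity and every name used (`newCA`, `operatorCSR`, `signCSR`, `imported-cluster`) are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCA builds a throwaway controller CA (constructed for this example; fixture errors are ignored).
func newCA() (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example-ca"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, pub, key)
	ca, _ := x509.ParseCertificate(der)
	return ca, key
}

// operatorCSR is the operator side: a fresh key pair and a CSR carrying the token (in the CN, an assumption).
func operatorCSR(token string) []byte {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	der, _ := x509.CreateCertificateRequest(rand.Reader, &x509.CertificateRequest{Subject: pkix.Name{CommonName: token}}, key)
	return der
}

// signCSR is the controller side: check key possession and the token, then issue a client-auth-only certificate (DER).
func signCSR(csrDER []byte, want string, ca *x509.Certificate, caKey ed25519.PrivateKey) ([]byte, error) {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil {
		return nil, fmt.Errorf("malformed CSR or invalid self-signature")
	}
	if want == "" || subtle.ConstantTimeCompare([]byte(csr.Subject.CommonName), []byte(want)) != 1 {
		return nil, fmt.Errorf("bootstrap token mismatch")
	}
	tpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "imported-cluster"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	return x509.CreateCertificate(rand.Reader, tpl, ca, csr.PublicKey, caKey)
}

func main() {
	ca, key := newCA()
	fmt.Println(signCSR(operatorCSR("wrong-token"), "constructed-token", ca, key))
}
```

The issued certificate names the cluster rather than echoing the token, and its extended key usage limits it to client authentication, which is what the mTLS listener in the last step of the diagram checks against the controller CA.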