Skip to main content
Skip table of contents

Pre-provisioned Make your Air-gapped Cluster Self-managed

Konvoy deploys all cluster lifecycle services to a bootstrap cluster, which then deploys a workload cluster. When the workload cluster is ready, move the cluster lifecycle services to the workload cluster, which is now self-managed. This guide describes how to make a workload cluster self-managed.

This page contains instructions on how to make your cluster self-managed. This is necessary if there is only one cluster in your environment, or if this cluster should become the Management cluster in a multi-cluster environment.

If you already have a self-managed or Management cluster in your environment, skip this page.

Make the New Kubernetes Cluster Manage Itself

Your new cluster is turned into a Management Cluster (or free standing Essential Cluster) using this procedure:

If you have not already retrieved the kubeconfig after creating the cluster, use this command before proceeding: dkp get kubeconfig -c ${CLUSTER_NAME} > ${CLUSTER_NAME}.conf

  1. Deploy cluster lifecycle services on the workload cluster:

    CODE 
    dkp create capi-components --kubeconfig ${CLUSTER_NAME}.conf

    Output:

    CODE 
    ✓ Initializing new CAPI components

If your environment uses HTTP/HTTPS proxies, you must include the flags --http-proxy, --https-proxy, and --no-proxy and their related values in this command for it to be successful. More information is available in Configuring an HTTP/HTTPS Proxy.

  1. Move the Cluster API objects from the bootstrap to the workload cluster:

    The cluster lifecycle services on the workload cluster are ready, but the workload cluster configuration is on the bootstrap cluster. The move command moves the configuration, which takes the form of Cluster API Custom Resource objects, from the bootstrap to the workload cluster. This process is also called a Pivot. First unset the kubeconfig and then move the CAPI:

    CODE 
    unset KUBECONFIG

    Next:

    CODE 
    dkp move capi-resources --to-kubeconfig ${CLUSTER_NAME}.conf

    Output:

    CODE 
    ✓ Moving cluster resources
You can now view resources in the moved cluster by using the --kubeconfig flag with kubectl. For example: kubectl --kubeconfig=preprovisioned-example.conf get nodes

    NOTE: To ensure only one set of cluster lifecycle services manages the workload cluster, Konvoy first pauses reconciliation of the objects on the bootstrap cluster, then creates the objects on the workload cluster. As Konvoy copies the objects, the cluster lifecycle services on the workload cluster reconcile the objects. The workload cluster becomes self-managed after Konvoy creates all the objects. If it fails, the move command can be safely retried.

  2. Wait for the cluster control-plane to be ready:

    CODE 
    kubectl --kubeconfig ${CLUSTER_NAME}.conf wait --for=condition=ControlPlaneReady "clusters/${CLUSTER_NAME}" --timeout=20m

    Output:

    CODE 
    cluster.cluster.x-k8s.io preprovisioned-example condition met

  3. Use the cluster lifecycle services on the workload cluster to check the workload cluster status:

    NOTE: After moving the cluster lifecycle services to the workload cluster, remember to use Konvoy with the workload cluster kubeconfig.

    CODE 
    dkp describe cluster --kubeconfig ${CLUSTER_NAME}.conf -c ${CLUSTER_NAME}

    Output:

    CODE 
    NAME                                                                       READY  SEVERITY  REASON  SINCE  MESSAGE
Cluster/preprovisioned-example                                             True                     2m31s         
├─ClusterInfrastructure - PreprovisionedCluster/preprovisioned-example                                            
├─ControlPlane - KubeadmControlPlane/preprovisioned-example-control-plane  True                     2m31s         
│ ├─Machine/preprovisioned-example-control-plane-6g6nr                     True                     2m33s         
│ ├─Machine/preprovisioned-example-control-plane-8lhcv                     True                     2m33s         
│ └─Machine/preprovisioned-example-control-plane-kk2kg                     True                     2m33s         
└─Workers                                                                                                
  └─MachineDeployment/preprovisioned-example-md-0                          True                     2m34s         
    └─Machine/preprovisioned-example-md-0-77f667cd9-tnctd                  True                     2m33s

  4. Remove the bootstrap cluster, as the workload cluster is now self-managed:

    CODE 
    dkp delete bootstrap

    Output:

    CODE 
    ✓ Deleting bootstrap cluster

Known limitations

Be aware of these limitations in the current release of Konvoy.

  • DKP supports moving only one set of cluster objects from the bootstrap cluster to the workload cluster, or vice-versa.

  • DKP only supports moving all namespaces in the cluster; DKP does not support migration of individual namespaces.

Next Step

Pre-provisioned Install Kommander in an Air-gapped Environment

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close