From 028c3689758fed04c1115f447cb7677d6007775b Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Fri, 16 Oct 2020 12:40:17 +0300 Subject: [PATCH] Add targeting non-capi clusters to docs Signed-off-by: Stefan Prodan --- api/v1beta1/kustomization_types.go | 1 - ...mize.toolkit.fluxcd.io_kustomizations.yaml | 2 +- docs/api/kustomize.md | 6 ++---- docs/spec/v1beta1/kustomization.md | 21 +++++++++++++------ 4 files changed, 18 insertions(+), 12 deletions(-) diff --git a/api/v1beta1/kustomization_types.go b/api/v1beta1/kustomization_types.go index 3991ea8..5851905 100644 --- a/api/v1beta1/kustomization_types.go +++ b/api/v1beta1/kustomization_types.go @@ -50,7 +50,6 @@ type KustomizationSpec struct { Interval metav1.Duration `json:"interval"` // The KubeConfig for reconciling the Kustomization on a remote cluster. - // Apply, Prune, HealthCheck, and Delete are all functional. // +optional KubeConfig *KubeConfig `json:"kubeConfig,omitempty"` diff --git a/config/crd/bases/kustomize.toolkit.fluxcd.io_kustomizations.yaml b/config/crd/bases/kustomize.toolkit.fluxcd.io_kustomizations.yaml index a1d4e27..5a90ab3 100644 --- a/config/crd/bases/kustomize.toolkit.fluxcd.io_kustomizations.yaml +++ b/config/crd/bases/kustomize.toolkit.fluxcd.io_kustomizations.yaml @@ -115,7 +115,7 @@ spec: type: string kubeConfig: description: The KubeConfig for reconciling the Kustomization on a - remote cluster. Apply, Prune, HealthCheck, and Delete are all functional. + remote cluster. properties: secretRef: description: 'The secret name containing a ''value'' key with diff --git a/docs/api/kustomize.md b/docs/api/kustomize.md index 7a53836..6d2e958 100644 --- a/docs/api/kustomize.md +++ b/docs/api/kustomize.md @@ -122,8 +122,7 @@ KubeConfig (Optional) -

The KubeConfig for reconciling the Kustomization on a remote cluster. -Apply, Prune, HealthCheck, and Delete are all functional.

+

The KubeConfig for reconciling the Kustomization on a remote cluster.

@@ -562,8 +561,7 @@ KubeConfig (Optional) -

The KubeConfig for reconciling the Kustomization on a remote cluster. -Apply, Prune, HealthCheck, and Delete are all functional.

+

The KubeConfig for reconciling the Kustomization on a remote cluster.

diff --git a/docs/spec/v1beta1/kustomization.md b/docs/spec/v1beta1/kustomization.md index 61b0cc0..787d710 100644 --- a/docs/spec/v1beta1/kustomization.md +++ b/docs/spec/v1beta1/kustomization.md @@ -543,15 +543,15 @@ spec: apiVersion: kustomize.toolkit.fluxcd.io/v1beta1 kind: Kustomization metadata: - name: backend + name: cluster-addons namespace: capi-stage spec: interval: 5m - path: "./webapp/backend/" + path: "./config/addons/" prune: true sourceRef: kind: GitRepository - name: webapp + name: cluster-addons kubeConfig: secretRef: name: stage-kubeconfig # Cluster API creates this for the matching Cluster @@ -560,10 +560,19 @@ spec: The Cluster and Kustomization can be created at the same time. The Kustomization will eventually reconcile once the cluster is available. -> **Note** that the KubeConfig should be self-contained and not rely on binaries, environment, or credential files -> from the kustomize-controller Pod. +If you wish to target clusters created by other means than CAPI, you can create a ServiceAccount on the remote cluster, +generate a kube config for that account, then create a secret on the cluster where kustomize-controller is running e.g.: + +```sh +kubectl create secret generic prod-kubeconfig \ + --from-file=value=./kubeconfig +``` + +> **Note** that the KubeConfig should be self-contained and not rely on binaries, environment, +> or credential files from the kustomize-controller Pod. > This matches the constraints of KubeConfigs from current Cluster API providers. -> KubeConfigs with `cmd-path` in them likely won't work without a custom, per-cluster installation of kustomize-controller. +> KubeConfigs with `cmd-path` in them likely won't work without a custom, +> per-provider installation of kustomize-controller. ## Secrets decryption